Bug 19993 - Update request: nvidia3xx
Summary: Update request: nvidia3xx
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 5
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: https://lwn.net/Vulnerabilities/711187/
Whiteboard: mga5-32-ok advisory MGA-64-OK
Keywords: validated_update
Depends on:
Reported: 2016-12-19 21:56 CET by Thomas Backlund
Modified: 2017-01-10 22:37 CET (History)
9 users (show)

See Also:
Source RPM: nvidia3xx
Status comment:


Description Thomas Backlund 2016-12-19 21:56:18 CET
Security fixes, advisory to follow:

Theese packages are already in use in mga6/cauldron






Comment 1 Thomas Andrews 2016-12-22 02:59:27 CET
Updated the 64-bit 340 driver at the same time as the server kernel update.

Everything seems to be working as it should.

CC: (none) => andrewsfarm

Comment 2 Thomas Backlund 2016-12-22 19:58:22 CET
This proprietary nvidia340 and nvidia304 driver update fixes the folliwing
security issues:

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
layer (nvidia.ko) handler where a missing permissions check may allow
users to gain access to arbitrary physical memory, leading to an
escalation of privileges (CVE-2016-7382).

NVIDIA GPU Display Driver on Linux contains a vulnerability in the kernel
mode layer (nvidia.ko) handler for mmap() where improper input validation
may allow users to gain access to arbitrary physical memory, leading to
an escalation of privileges (CVE-2016-7389).

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
layer (nvidia.ko) where a user can cause a GPU interrupt storm, leading
to a denial of service (CVE-2016-8826).

Comment 3 Thomas Andrews 2016-12-28 16:51:48 CET
Updated the 32-bit nvidia304 driver at the same time as the update to the 4.4.39 32-bit server kernel.

Tried several apps, and everything looks good.

I would add OKs to the whiteboard, but I am not set up to try the 32-bit 340 driver or the 64-bit 304 driver, so I can't confirm that they are indeed OK.
Comment 4 PC LX 2017-01-01 11:54:17 CET
Been using the nvidia340 driver in a x86_64 system for a few days. Used Plasma, 3D games, vdpau, firefox, flash, and many other programs without issues.

$ lspcidrake | grep VGA
Card:NVIDIA GeForce 8100 to GeForce 415: NVIDIA Corporation|GT218 [GeForce 210] [DISPLAY_VGA] (rev: a2)
$ cat /proc/driver/nvidia/version 
NVRM version: NVIDIA UNIX x86_64 Kernel Module  340.101  Thu Dec  1 15:52:31 PST 2016
GCC version:  gcc version 4.9.2 (GCC) 
$ uname -a
Linux marte 4.4.39-desktop-1.mga5 #1 SMP Fri Dec 16 18:43:46 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
$ rpm -qa | grep nvidia | sort

CC: (none) => mageia

Comment 5 Len Lawrence 2017-01-01 15:15:51 CET
Updated nvidia340 to 340.101 on a Dell XPS laptop with MBR boot,  GeForce 8700M GT, kernel 4.4.39, x86_64.

Rebooted OK and X works fine but Firefox freezes up after 20 seconds use.

CC: (none) => tarazed25

Comment 6 Len Lawrence 2017-01-01 15:25:45 CET
firefox 45.6.0.  Had to restart it six times just to send the last message.
Comment 7 Thomas Andrews 2017-01-01 16:12:50 CET
No problems here with Firefox that I would put to the 340 driver. Seeing some slowness on some sites, but I believe that's being caused by my ISP.

Geforce 9800 GT in a home-built desktop, ASRock A790GXH/128M motherboard, Athlon X2 7750 processor, 8GB RAM.
Comment 8 PC LX 2017-01-01 18:43:18 CET
No issues with firefox-45.6.0-1.mga5 and Firefox 51.0b10 (upstream), including video and webgl stuff. No (more than usual) slowness either.
Comment 9 Len Lawrence 2017-01-01 20:01:00 CET
This issue with Firefox has happened before on other machines.  It recovers from the freeze if left for about a minute, during which time alternate cores go into overdrive, i.e. 100% usage.  Currently 45.6.0 is completely stable on my other machines, all running the advanced nvidia driver.  My suspicion fell on the kernels, which were being updated frequently but I have no real evidence to back that up.  For instance firefox is stable on the machine on which this is being composed (45.6.0 with 4.4.39-desktop-1.mga5).  Anyway the problem went away on the other machines but has come back to haunt me on the laptop with a fresh installation of mga5.1.  Not enough information to make it worthwhile raising a bug.
Comment 10 Len Lawrence 2017-01-01 21:11:51 CET
This is actually off-topic.  The journal showed that it is samba which is causing the problem.  For some reason it is (periodically?) trying to launch or maybe access CUPS via localhost:631.  Does not make sense to me but after stopping smbd the firefox freezes seem to have stopped.  I always thought that samba had something to do with Windows networking but it is needed apparently by GNOME and vlc at least.  Stopping it does not prevent vlc working normally.
Comment 11 Charles Edwards 2017-01-05 22:51:06 CET
On i586 Athlon XP 32 bit

nvidia304-304.131-1 works for new with kernel-desktop-4.4.39-1.

CC: (none) => cae

Comment 12 Brian Rockwell 2017-01-06 01:03:06 CET
MGA6 - not 5 - 

Video:  C51 [GeForce 6150 LE]

$ uname -a
Linux localhost.localdomain 4.9.0-desktop-4.mga6 #1 SMP Wed Jan 4 22:10:29 UTC 2017 i686 i686 i686 GNU/Linux

running dkms-nvidia304.134.2 - working as designed.

CC: (none) => brtians1

Comment 13 Brian Rockwell 2017-01-06 04:13:35 CET
MGA5-32 on GNOME

Video:  C51 [GeForce 6150 LE]
Athlon x2-3800

$ uname -a
Linux localhost.localdomain 4.4.39-desktop586-1.mga5 #1 SMP Fri Dec 16 18:34:16 UTC 2016 i686 i686 i686 GNU/Linux


which pulled in the nvidia kernel.

Using firefox browser.  I'm seeing some of the best response I've seen out of this machine, especially on gnome.

working as designed.

Whiteboard: (none) => mga5-32-ok

Comment 14 Lewis Smith 2017-01-08 20:33:02 CET
Advisory from comments 2 & 0.

CC: (none) => lewyssmith
Whiteboard: mga5-32-ok => mga5-32-ok advisory

Comment 15 Bill Wilkinson 2017-01-09 01:08:33 CET
Tested nvidia 304 mga5-64 under general use, nothing particularly taxing.  Web use, youtube videos, (firefox), view pictures, all OK.

I'll leave open in case anyone else is using it more extensively than I am, or I'll add the OK and validate tomorrow AM (US east coast time).

CC: (none) => wrw105

Comment 16 Maurice Batey 2017-01-09 18:57:43 CET
Installed from Testing:


After reboot, 'nVidia settings' confirms 340.101 installed.

No problems noticed, e,g, Firefox, Google-Earth, Gwenview, Skype, You Tube.

CC: (none) => maurice

Lewis Smith 2017-01-09 20:17:38 CET

Keywords: (none) => validated_update
Whiteboard: mga5-32-ok advisory => mga5-32-ok advisory MGA-64-OK
CC: (none) => sysadmin-bugs

Comment 17 Mageia Robot 2017-01-09 21:30:47 CET
An update for this issue has been pushed to the Mageia Updates repository.


Resolution: (none) => FIXED

David Walser 2017-01-10 22:37:45 CET

URL: (none) => https://lwn.net/Vulnerabilities/711187/

Note You need to log in before you can comment on or make changes to this bug.