From owner-svn-ports-head@FreeBSD.ORG  Wed Sep 12 07:31:23 2012
Return-Path: <owner-svn-ports-head@FreeBSD.ORG>
Delivered-To: svn-ports-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 425851065672;
	Wed, 12 Sep 2012 07:31:23 +0000 (UTC)
	(envelope-from danfe@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c])
	by mx1.freebsd.org (Postfix) with ESMTP id 1418B8FC18;
	Wed, 12 Sep 2012 07:31:23 +0000 (UTC)
Received: from svn.freebsd.org (localhost [127.0.0.1])
	by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id q8C7VMNe020041;
	Wed, 12 Sep 2012 07:31:22 GMT (envelope-from danfe@svn.freebsd.org)
Received: (from danfe@localhost)
	by svn.freebsd.org (8.14.4/8.14.4/Submit) id q8C7VMJ4020038;
	Wed, 12 Sep 2012 07:31:22 GMT (envelope-from danfe@svn.freebsd.org)
Message-Id: <201209120731.q8C7VMJ4020038@svn.freebsd.org>
From: Alexey Dokuchaev <danfe@FreeBSD.org>
Date: Wed, 12 Sep 2012 07:31:22 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
	svn-ports-head@freebsd.org
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Cc: 
Subject: svn commit: r304136 - head/security/vuxml
X-BeenThere: svn-ports-head@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: SVN commit messages for the ports tree for head
	<svn-ports-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/svn-ports-head>, 
	<mailto:svn-ports-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-head>
List-Post: <mailto:svn-ports-head@freebsd.org>
List-Help: <mailto:svn-ports-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-ports-head>,
	<mailto:svn-ports-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Sep 2012 07:31:23 -0000

Author: danfe
Date: Wed Sep 12 07:31:22 2012
New Revision: 304136
URL: http://svn.freebsd.org/changeset/ports/304136

Log:
  Update NVIDIA arbitrary memory access vulnerability with CVE-2012-4225.

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Wed Sep 12 07:19:30 2012	(r304135)
+++ head/security/vuxml/vuln.xml	Wed Sep 12 07:31:22 2012	(r304136)
@@ -4046,8 +4046,10 @@ Note:  Please add new entries to the beg
     <affects>
       <package>
 	<name>nvidia-driver</name>
-	<range><gt>173.14.31_1</gt><lt>295.40</lt></range>
-	<range><ge>100.14.03</ge><lt>173.14.31_1</lt></range>
+	<range><gt>173.14.35</gt><lt>295.71</lt></range>
+	<range><gt>96.43.20_2</gt><lt>173.14.35</lt></range>
+	<range><gt>71.86.15_2</gt><lt>96.43.20_2</lt></range>
+	<range><lt>71.86.15_2</lt></range>
       </package>
     </affects>
     <description>
@@ -4066,14 +4068,26 @@ Note:  Please add new entries to the beg
 	    all users with Geforce 8 or newer, G80 Quadro or newer, and all
 	    Tesla GPUs to update their drivers to 295.40 or later.</p>
 	</blockquote>
+        <p>Later, it was additionally discovered that similar exploit could
+          be achieved through remapping of VGA window:</p>
+	<blockquote cite="http://nvidia.custhelp.com/app/answers/detail/a_id/3140">
+	  <p>NVIDIA received notification of a security exploit that uses
+	    NVIDIA UNIX device files to map and program registers to redirect
+	    the VGA window.  Through the VGA window, the exploit can access
+	    any region of physical system memory.  This arbitrary memory
+	    access can be further exploited, for example, to escalate user
+	    privileges.</p>
+	</blockquote>
       </body>
     </description>
     <references>
       <cvename>CVE-2012-0946</cvename>
+      <cvename>CVE-2012-4225</cvename>
     </references>
     <dates>
       <discovery>2012-03-20</discovery>
       <entry>2012-05-10</entry>
+      <modified>2012-09-12</modified>
     </dates>
   </vuln>