From owner-freebsd-security@FreeBSD.ORG  Fri Aug 10 16:04:39 2012
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4320B1065672;
	Fri, 10 Aug 2012 16:04:39 +0000 (UTC) (envelope-from snabb@epipe.com)
Received: from angkar.epipe.com (angkar.epipe.com [IPv6:2001:470:b:566::4])
	by mx1.freebsd.org (Postfix) with ESMTP id 104508FC0C;
	Fri, 10 Aug 2012 16:04:39 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=epipe.com;
	s=default; 
	h=Content-Transfer-Encoding:Content-Type:In-Reply-To:References:Subject:CC:To:MIME-Version:From:Date:Message-ID;
	bh=EEE483keu0KdyNq1cGANuJTD3F9ogRGy26oxqeTiKwU=; 
	b=doamFba0AUlUxEZyHzM60rLoha8X1Yk8BIGfxkPWuVhiBRKzkWWfkEOa10DkS6V1SeghOxbb08eneCjnWxsddCAwevs619lhcZl5e0w50wdYU9gJVBV1QWPgmmy6OV4O7NsQ8ZCpA26otVPk45ZPklFdIuYyBYvQhjBaI0kA7vQ=;
Received: by angkar.epipe.com with esmtpsa
	(TLS1.0:ECDHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80)
	(envelope-from <snabb@epipe.com>)
	id 1SzrhR-0003S1-Li; Fri, 10 Aug 2012 16:04:33 +0000
Message-ID: <502530E2.1070308@epipe.com>
Date: Fri, 10 Aug 2012 23:03:46 +0700
From: Janne Snabb <snabb@epipe.com>
MIME-Version: 1.0
To: "Simon L. B. Nielsen" <simon@qxnitro.org>
References: <CAPjTQNHv9CiLYu-r3OHHZfF1HhHYL7yuiefjOD8BqZm8hi3o=Q@mail.gmail.com>
	<501F7A35.5080207@FreeBSD.org> <501FAF5E.6090101@gwdg.de>
	<20120808103406.GA56960@FreeBSD.org>
	<20120808123843.GA31238@atarininja.org>
	<CAC8HS2HKvDj0GsFToG0zOjTpF+h-Dx9C+woUhX97j2DyFpC9wg@mail.gmail.com>
In-Reply-To: <CAC8HS2HKvDj0GsFToG0zOjTpF+h-Dx9C+woUhX97j2DyFpC9wg@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: Alexey Dokuchaev <danfe@freebsd.org>, Doug Barton <dougb@freebsd.org>,
	Wesley Shields <wxs@freebsd.org>, Oliver Pinter <oliver.pntr@gmail.com>,
	freebsd security <freebsd-security@freebsd.org>,
	Rainer Hurling <rhurlin@gwdg.de>, freebsd-ports@freebsd.org
Subject: Re: [Full-disclosure] nvidia linux binary driver priv escalation
 exploit
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Aug 2012 16:04:39 -0000

On 08/10/2012 09:35 PM, Simon L. B. Nielsen wrote:
[..]
>>>>> On 08/01/2012 05:09, Oliver Pinter wrote:
>>>>>> I found this today on FD:
>>>>>>
>>>>>> http://seclists.org/fulldisclosure/2012/Aug/4
[..]
> Eh, why wouldn't a CVE name not be assigned? If none is we should ask
> MITRE to assign one, but it would surprise me if NVIDIA or a Linux
> vendor hasn't done this already.

This is from oss-security:

-------- Original Message --------
Subject: Re: [oss-security] CVE Request: NVidia Linux driver
Date: Wed, 8 Aug 2012 18:46:34 -0400 (EDT)
From: cve-assign@mitre.org
Reply-To: oss-security@lists.openwall.com
To: marc.deslauriers@canonical.com
CC: cve-assign@mitre.org, oss-security@lists.openwall.com,
security@ubuntu.com

> http://seclists.org/fulldisclosure/2012/Aug/4
> http://nvidia.custhelp.com/app/answers/detail/a_id/3140

Use CVE-2012-4225.

-- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]