After Sitting on a Vulnerability for a Month, Nvidia Finally Fixes Its GPU Driver

The relation between Nvidia and Linux worsens each day, as Linus Torvalds spills hatred for Nvidia publicly. He even went to the extent of uttering the f-word for Nvidia (with a finger gesture), in a public presentation. That should tell us enough, and it is a known fact that every Linux user has had bad experiences with Nvidia’s driver support for Linux, at some point of time.


While Nvidia provides the best closed-source graphics driver as compared to AMD, it is not good enough. That is because; AMD provides better open-source graphics drivers and some acceptable documentation too. Nvidia only allows its proprietary driver to be reverse engineered as part of the Nouveau project. To make things worse, the Nvidia proprietary driver for Linux just earned fame that is even more notorious.

The proprietary graphics driver released by Nvidia had a serious security flaw, and it was reported to Nvidia more than a month ago. However, Nvidia decided to ignore the vulnerability completely and did not act upon it until someone went public with it. After a month, David Airlie, who is a well-known Linux developer, made the exploit public. It was then that Nvidia came out of its reluctance and decided to do something.

The vulnerability allowed root access, and it was blocked by denying user-space access to the registers which could be programmed to redirect the VGA window unwantedly. The vulnerability affected not only Linux x86 and x86_64 drivers, it also made FreeBSD and Solaris potentially vulnerable. Nvidia has released a new version of its driver for Unix- version 304.32, and patched older versions.

Published by

Chinmoy Kanjilal

Chinmoy Kanjilal is a FOSS enthusiast and evangelist. He is passionate about Android. Security exploits turn him on and he loves to tinker with computer networks. You can connect with him on Twitter @ckandroid.