Name | CVE-2006-5379 |
Description | The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
Debian Bugs | 393573 |
The table below lists information on source packages.
Source Package | Release | Version | Status |
---|---|---|---|
nvidia-graphics-drivers (PTS) | jessie/non-free | 340.106-1 | fixed |
stretch/non-free (security), stretch/non-free (lts), stretch/non-free | 390.144-1~deb9u1 | fixed | |
buster/non-free | 418.226.00-3 | fixed | |
bullseye/non-free | 470.256.02-2 | fixed | |
bookworm/non-free-firmware | 535.183.01-1~deb12u1 | fixed | |
sid/non-free-firmware, trixie/non-free-firmware | 535.216.01-1 | fixed |
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
---|---|---|---|---|---|---|
nvidia-graphics-drivers | source | sarge | (not affected) | |||
nvidia-graphics-drivers | source | (unstable) | 1.0.8776-1 | 393573 |
[sarge] - nvidia-graphics-drivers <not-affected> (1.0.7174 not affected)
see http://nvidia.custhelp.com/cgi-bin/nvidia.cfg/php/enduser/std_adp.php?p_faqid=1971