LinuxQuestions.org

Beware the Nvidia blob (https://www.linuxquestions.org/questions/linux-general-1/beware-the-nvidia-blob-4175419968/)

sycamorex 08-02-2012 10:21 AM

Quote:

Originally Posted by brianL (Post 4744194)
Mmmm.
Should we:
PANIC!!!
or:
DON'T PANIC!!!
:scratch:

Flip a coin and be happy with your choice :)

273 08-02-2012 10:23 AM

I'm assuming that there's a known privilege escalation exploit on my machine, as well as the unknown or less documented ones. I suppose being more careful about third party software until it's fixed might be in order. WebGL sites ought to be avoided like the plague too and NoScript left on a bit more.

brianL 08-02-2012 10:24 AM

I'm used to being exploited. Usually by women, who only want me for my body. A mere sex-object...sigh...
:)

brianL 08-02-2012 10:30 AM

On topic:
http://archive.org/details/TheBlobTrailer
:)

H_TeXMeX_H 08-02-2012 11:05 AM

Quote:

Originally Posted by 273 (Post 4744171)
Hmm, after reading that link I think we're not safe. If the code's running in kernel space, but crashing, that means kernel space can be accessed through the exploit from userspace. Or am I misreading the comments on the linked page?

Yes, I think you are right.

Quote:

Originally Posted by PaXTeam
Posted Aug 2, 2012 10:42 UTC (Thu) by PaXTeam (subscriber, #24616)
note the faulting insn: RIP: 0010:[<00000000004016a7>]

it's code in the *kernel's* code segment with a *userland* address (PaX/KERNEXEC and CR4.SMEP stop exactly this kind of exploit method, but this looks like a powerful bug, it could be exploited other ways). that is, the kernel is executing userland provided code, that's already proof for privilege escalation and the oops is due to the exploit's kernel payload not being bullet proof (something that's not hard to fix up, if that's your game).

Either way, the bigger problem is not the exploit itself, but rather the time it takes Nvidia to fix it. If it were an exploit in FLOSS like the mainline kernel it would be fixed as soon as it is found. As you can see from the other links in the OP article, Nvidia may never fix it at all.
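
Added example, not part of the thread or of any poster's code: the check the quoted PaXTeam comment describes (a kernel code segment paired with a userland instruction address), run over oops lines, plus a look for the `smep` CPU flag. The log and cpuinfo samples are constructed; only the RIP value `0010:[<00000000004016a7>]` comes from the thread, and the function names are hypothetical.

```python
import re

# Oops register dump of that kernel era: "RIP: <CS selector>:[<address>]"
RIP_RE = re.compile(r"RIP:\s+([0-9a-fA-F]{4}):\[<([0-9a-fA-F]{16})>\]")
USER_ADDR_MAX = 0x00007FFFFFFFFFFF  # top of the lower canonical half on x86_64

def classify_rip(line):
    """Parse one log line; return None when it carries no RIP field."""
    m = RIP_RE.search(line)
    if m is None:
        return None
    cs, rip = int(m.group(1), 16), int(m.group(2), 16)
    kernel_mode = (cs & 3) == 0          # requested privilege level 0 = ring 0
    user_address = rip <= USER_ADDR_MAX  # kernel text lives in the upper half
    return {"cs": cs, "rip": rip, "suspicious": kernel_mode and user_address}

def scan(log_text):
    """Return (line_number, cs, rip) for every ring-0 fault at a userland address."""
    hits = []
    for number, line in enumerate(log_text.splitlines(), 1):
        info = classify_rip(line)
        if info and info["suspicious"]:
            hits.append((number, info["cs"], info["rip"]))
    return hits

def cpu_has_smep(cpuinfo_text):
    """True when the 'flags' line of /proc/cpuinfo-style text lists smep."""
    for line in cpuinfo_text.splitlines():
        if line.startswith("flags") and ":" in line:
            return "smep" in line.split(":", 1)[1].split()
    return False

# Constructed sample: only the RIP value on the second line is quoted in the thread;
# timestamps, the other two lines and the flags text are made up for the example.
SAMPLE_LOG = """\
[  101.000001] RIP: 0010:[<ffffffff81234567>]
[  202.000002] RIP: 0010:[<00000000004016a7>]
[  303.000003] RIP: 0033:[<00000000004005d0>]
"""
SAMPLE_CPUINFO = "processor\t: 0\nflags\t\t: fpu vme de pse tsc msr pae\n"

if __name__ == "__main__":
    for number, cs, rip in scan(SAMPLE_LOG):
        print(f"line {number}: CS={cs:#06x} RIP={rip:#018x} -> ring 0 at a userland address")
    print("SMEP advertised:", cpu_has_smep(SAMPLE_CPUINFO))
```
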

brianL 08-02-2012 11:30 AM

So we're OK as far as that particular exploit is concerned, but vulnerable to other exploits?

GazL 08-02-2012 12:55 PM

Quote:

Originally Posted by brianL (Post 4744248)
So we're OK as far as that particular exploit is concerned, but vulnerable to other exploits?

Better to think of it as the exploit being buggy, but they could fix it quite easily if only they could be bothered.

brianL 08-02-2012 01:02 PM

Thanks, GazL.

volkerdi 08-02-2012 01:06 PM

Even without the exploit, Tavis Ormandy pointed out on oss-security that an unprivileged user could use nvidiactl to disable the fans, engage maximum overclocking, and then submit a heavy workload to the GPU. In a worst case scenario, something like that could actually cause the machine to start on fire. At the least, it would be likely to fry the video card.

brianL 08-02-2012 01:07 PM

I'd better keep a fire extinguisher handy.

John VV 08-02-2012 02:37 PM

Exploits!!!
Everybody has them.

Quote:

I am never going back to the blob, because it is not stable, not secure, not FLOSS, and not much better than nouveau for what I use.

It is stable; it is Xorg that is the issue.
The "new and improved", updated for the sake of updating, for nothing new added.

fogpipe 08-02-2012 09:30 PM

I like the nvidia drivers. In my experience they are stable and fast and easy enough to install. I actually don't even care that there may be a workable local exploit involving them. A remote exploit I might worry about, but if someone I don't trust is in my apartment near my computer, computer security is probably the least of my problems at that point.
The nouveau drivers otoh just never worked for me; every Linux distro I installed lately, the first thing is blacklisting the nouveau drivers.
As someone who is more interested in what works rather than politics, I wish someone cared enough to test stuff like nouveau more before it was released. The old NV module was usable; that has not been my experience with nouveau.

T3slider 08-02-2012 09:42 PM

Quote:

Originally Posted by fogpipe (Post 4744603)
I like the nvidia drivers. In my experience they are stable and fast and easy enough to install. I actually don't even care that there may be a workable local exploit involving them. A remote exploit I might worry about, but if someone I don't trust is in my apartment near my computer, computer security is probably the least of my problems at that point.

If someone can gain unprivileged user access to your box remotely then they can still use the nVidia exploit to gain root access. It just means that two stages of vulnerabilities need to be exploited -- one to gain access to the box and the other to elevate privileges.

Quote:

Originally Posted by fogpipe (Post 4744603)
The nouveau drivers otoh just never worked for me; every Linux distro I installed lately, the first thing is blacklisting the nouveau drivers.
As someone who is more interested in what works rather than politics, I wish someone cared enough to test stuff like nouveau more before it was released. The old NV module was usable; that has not been my experience with nouveau.

While this certainly doesn't make the nouveau drivers any better, it should be stated that nv received some official support from nVidia, while nouveau does not. It isn't really the fault of the Linux devs that nVidia will not release technical specifications. The pragmatic approach would still tell you (and me) to use the blob, but it's not really fair to criticize the nouveau drivers -- they are a spectacular effort for reverse-engineered drivers. That still doesn't make them good, of course.

k3lt01 08-02-2012 09:48 PM

Thanks for the information.

Quote:

Originally Posted by H_TeXMeX_H (Post 4744066)
I am posting this in the Slackware forum because perhaps people here care more about security and stability than in other forums.

I believe this should be in the Linux General forum and I will report it as such. Linux is a community, we all care about the community and its security.

ReaperX7 08-02-2012 10:21 PM

Quote:

Originally Posted by T3slider (Post 4744611)
If someone can gain unprivileged user access to your box remotely then they can still use the nVidia exploit to gain root access. It just means that two stages of vulnerabilities need to be exploited -- one to gain access to the box and the other to elevate privileges.

While this certainly doesn't make the nouveau drivers any better, it should be stated that nv received some official support from nVidia, while nouveau does not. It isn't really the fault of the Linux devs that nVidia will not release technical specifications. The pragmatic approach would still tell you (and me) to use the blob, but it's not really fair to criticize the nouveau drivers -- they are a spectacular effort for reverse-engineered drivers. That still doesn't make them good, of course.

Nouveau may not be better in many ways, but in others they really have made huge leaps in how drivers can be made through reverse engineering. The one thing is with Nouveau you have a safe driver, whereas with the blob, you have a problem that can be easily exposed, and exploited by someone.

Honestly, I don't mind using Nvidia's blob, but it's just so invasive of the system.


All times are GMT -5.