If you’re using Nvidia graphic card and you installed the Nvidia graphic card driver via the Welcome screen please update your driver using this guide:
The Nessus basic network scan found my driver as vulnerable. The driver I had installed was v340
I’m confused, as Welcome does offer the option to install the latest NVIDIA driver PPA (in the Getting Started / Drivers page). The one found in Software & Updates by default uses the packages provided by Ubuntu (considered “stable” and well tested).
How did Nessus identify your NVIDIA card vulnerable?
Description
The version of the NVIDIA GPU display driver installed on the remote Linux host is 375.x prior to 375.66 or 381.x prior to 381.22. It is, therefore, affected by multiple vulnerabilities:
-
A flaw exists in the kernel mode layer handler due to improper validation of user-supplied input before it is used in offset calculations. A local attacker can exploit this to cause a denial of service condition or potentially to gain elevated privileges. (CVE-2017-0350)
-
A NULL pointer dereference flaw exists in the kernel mode layer handler due to improper validation of user-supplied input. A local attacker can exploit this to cause a denial of service condition or potentially to gain elevated privileges. (CVE-2017-0351)
-
A flaw exists in the GPU firmware due to incorrect access control that may allow CPU software to access sensitive GPU control registers. A local attacker can exploit this to gain elevated privileges.
(CVE-2017-0352)
Solution
Upgrade the NVIDIA graphics driver to version 375.66 / 381.22 or later in accordance with the vendor advisory.
See Also
http://nvidia.custhelp.com/app/answers/detail/a_id/4462
Note I screwed around with startup services, such as avahi daemon, so I might have contributed to not getting the latest version via the welcome screen
1 Like
My log files are empty: auth.log and syslog. It is a fresh install of Ubuntu Mate. Is this normal or have I been compromised?
Thanks
Note I made a mistake as referring to the version of the driver; it was version 375.x. My apologies
Thanks for providing the details of the security report.
Not sure if it’s normal for a fresh install, but it could just a permissions thing.
Chances of being compromised would be extremely low as they were potential exploits with no known attempts. Plus Windows, being the largest user base with an awful lot more vulnerabilities would have been a hacker’s first target.
1 Like
For any users looking for a graphical way to update their drivers, Welcome offers to add the latest NVIDIA drivers on your system -- head over to the Drivers page in Getting Started:
Click the orange button to add the repository:
Then open Additional Drivers, install the latest version you see (at the moment, 381.22), then restart your computer. 
Why would you be compromised anyway?
Unless I’m reading that security notice wrong, the vulnerabilities listed allow only:
- Denial Of Service
- Privilege Escalation
For this to matter, and attacker would have to already have arbitrary code execution access to your machine.
2 Likes
Hi, I am not IT savvy, so I ask for opinion from people who are smarter and more knowledgeable than I am. Not implying anything. Cheers.
I followed the guidelines: /etc/init.d/rsyslog restart and everything is good. Thanks 