NVIDIA GPU Display Driver for Linux Unauthorized File Access Vulnerability

A vulnerability in the NVIDIA GPU Display Driver for Linux could allow an attacker to gain unauthorized access to files. Exploitation of this vulnerability may result in limited information disclosure. The issue is present in the driver versions prior to 550.144.03.

Impact

Exploitation of this vulnerability could lead to unauthorized access to files, allowing for limited information disclosure.

Reproduction

The vulnerability can be reproduced by using the 'nvidia-modprobe' utility, which is a setuid-root helper for the NVIDIA GPU display driver. When 'nvidia-modprobe' is executed with the '-f' option followed by an arbitrary file path, it attempts to open the specified path as root. If the file exists, the program reads and parses its contents, exiting with a success code. However, if the file does not exist, it still exits silently with a success code. This behavior can be exploited by monitoring the program's response to different file paths, using a tool like 'GNU Time' to measure variations in resource usage, such as page faults, which indicate the existence of a file. By analyzing these resource usage patterns, an attacker can infer the presence or absence of files, effectively bypassing normal file permission restrictions.

Remediation

Users can update to NVIDIA GPU Display Driver version 550.144.03 or later to address this vulnerability.