If you're running a Nvidia graphics driver on Linux systems at you organization or home, network security company Rapid7 suggests you disable it immediately. According to a security advisory released today by Rapid7: "the Nvidia Binary Graphics Driver for Linux [v8774 and v8762] is vulnerable to a buffer overflow that allows an attacker to run arbitrary code as root. This bug can be exploited both locally or rem If you’re running a Nvidia graphics driver on Linux systems at you organization or home, network security company Rapid7 suggests you disable it immediately. According to a security advisory released today by Rapid7: “the Nvidia Binary Graphics Driver for Linux [v8774 and v8762] is vulnerable to a buffer overflow that allows an attacker to run arbitrary code as root. This bug can be exploited both locally or remotely (via a remote X client or an X client which visits a malicious Web page).”The Nvidia drivers for Solaris and FeeeBSD are also likely to be vulnerable, according to the advisory. The solution, Rapid7 says, is to disable the binary blob driver and use the open-source “nv” driver that is included by default with X. The aforementioned binary closed-source blob provides graphics acceleration, unlike its open-source counterpart. The blob “contains an error in its accelerated rendering of glyphs (text character data) that can be exploited to write arbitrary data to anywhere in memory.”InfoWorld Senior Editor and “Open Enterprise” Columnist Neil McCallister wrote about the usage of proprietary blobs in drivers not too long ago. He observed that making these blobs open source could, among other things, “bring the ability to leverage community development to squash critical flaws such as the exploits that recently plagued Intel’s wireless drivers”. Seems we can now add Nvidia’s flaw to the list. Technology Industry