CUDA drivers/Linux security hole

From: gran@classic.chem.msu.su
To: bugtraq@securityfocus.com
Cc:
Subject: CUDA drivers/Linux security hole
Date:


Hello,

We have recently found serious security breach in CUDA Linux drivers:

http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7675-1380-00.htm

http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7676-1022+00.htm

In brief, driver maps pinned memory to user space but does not initialize it to zero. As an example, our simplest "proof of concept" program was able to read large fragments of files being written or read by other users.  

Kind regards,
Alex Granovsky

Firefly Project
http://classic.chem.msu.su/gran/firefly/





Copyright © 1995-2018 LinuxRocket.net. All rights reserved.