CVE-2014-8298
NVIDIA GPU Driver Multiple Versions - Remote Code Execution via GLX Indirect Rendering Protocol
Title source: llmDescription
The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra (L4T) driver before R21.2, and Chrome OS driver before R40 allows remote attackers to cause a denial of service (segmentation fault and X server crash) or possibly execute arbitrary code via a crafted GLX indirect rendering protocol request.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
http://nvidia.custhelp.com/app/answers/detail/a_id/3610
Vendor Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
Scores
EPSS
0.0150
EPSS Percentile
81.4%
Details
CWE
CWE-19
Status
published
Products (11)
nvidia/gpu_driver
r304.125
nvidia/gpu_driver
r331.00
nvidia/gpu_driver
r331.112
nvidia/gpu_driver
r340.00
nvidia/gpu_driver
r340.65
nvidia/gpu_driver
r343.00
nvidia/gpu_driver
r343.36
nvidia/gpu_driver
r346.00
nvidia/gpu_driver
r346.22
nvidia/gpu_driver
< r21.2
... and 1 more
Published
Dec 10, 2014
Tracked Since
Feb 18, 2026