合肥本本之星合肥Thinkpad专卖店合肥Apple专卖店 hfthink 合肥本之星信息科技有限公司

标题: NVIDIA GPU内核驱动程序泄露 [打印本页]

作者: 合肥亮少 时间: 2016-12-21 09:53 标题: NVIDIA GPU内核驱动程序泄露

故障现象:

Lenovo 安全公告：LEN-5551

潜在影响：权限提升、信息披露风险、服务崩溃或拒绝服务

严重性：高

影响范围：全行业

摘要描述：

2016 年 3 月 21 日，NVIDIA 公布了三项重大的驱动程序漏洞。大多数 GeForce、Quadro 和 NVS NVIDIA 产品均采用这些驱动程序。

CVE-2016-2556：内核驱动程序泄露可能会允许访问受限功能

CVE-2016-2557：内核驱动程序泄露可以授予内存访问权限

CVE-2016-2558：内核驱动程序泄露会允许不受信任的指针

可在 NVIDIA 的产品安全网站 中找到有关这些漏洞的更多信息。

解决方案:

应采取哪些措施进行自我保护：

Lenovo 目前正对所有适用的受影响产品上更新的 NVIDIA 驱动程序进行认证。质量保证测试结束后，更新的驱动程序将发布到受影响产品的 Lenovo 支持站点。请参阅以下“产品影响”部分，查看产品修复程序列表。受影响产品的驱动程序通过认证后，您将能直接链接到驱动程序下载页面。建议您经常访问此安全公告以寻找适用于您产品的最新合格驱动程序的链接。

如果此漏洞使您处于不可接受的风险水平，并且您希望在适用于您产品的、经 Lenovo 认证的驱动程序发布之前缓解这一问题，可以访问 NVIDIA 安全网页（www.nvidia.com/security），下载和安装参考驱动程序。请注意，Lenovo 尚未对参考驱动程序进行认证。如果您因为安装 NVIDIA 支持站点上的驱动程序而遇到问题，请直接联系 NVIDIA。当 Lenovo 认证的驱动程序可通过 Lenovo 支持站点下载时，Lenovo 建议您卸载 NVIDIA 参考驱动程序并升级至 Lenovo 支持站点版本。

产品影响：

以下受该漏洞影响的产品现已修复。对其他 Lenovo 产品的调查仍在进行，如有其他修复程序发布，我们会及时将其更新到此公告中。请随时查看该公告是否有更新。

台式机

产品	最低修复程序版本	链接
Horizon 2 27 Table PC	359.1	http://support.lenovo.com/downloads/DS104047
Horizon2e Table PC	359.1	http://support.lenovo.com/downloads/DS103250
Lenovo A540 All In One (Broadwell)	359.1	http://support.lenovo.com/downloads/DS111761
Lenovo A740 All-In-One - BDW	359.1	http://support.lenovo.com/downloads/DS111761
Lenovo A9050	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
Lenovo B2200	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
Lenovo B3300	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
Lenovo B4030	359.1	http://support.lenovo.com/downloads/DS103250
Lenovo B40-30 All-In-One	359.1	http://support.lenovo.com/downloads/DS103250
Lenovo B40-30 Touch All-In-One	359.1	http://support.lenovo.com/downloads/DS103250
Lenovo B4550	359.14	http://support.lenovo.com/downloads/DS103250
Lenovo B5030	359.4	http://support.lenovo.com/downloads/DS112072
Lenovo B50-30 All-In-One	359.4	http://support.lenovo.com/downloads/DS112072
Lenovo B50-30 Touch All-In-One	359.4	http://support.lenovo.com/downloads/DS112072
Lenovo B5040	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
Lenovo B5900	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
Lenovo C2030	359.1	http://support.lenovo.com/downloads/DS111762
Lenovo C20-30 All-In-One	359.1	http://support.lenovo.com/downloads/DS111762
Lenovo C360 All-In-One	359.1	http://support.lenovo.com/downloads/DS103250
Lenovo C4030	359.1	http://support.lenovo.com/downloads/DS112370
Lenovo C40-30 All-In-One	359.1	http://support.lenovo.com/downloads/DS112370
Lenovo C460 All-In-One	359.1	http://support.lenovo.com/downloads/DS103250
Lenovo C560 All-In-One	359.1	http://support.lenovo.com/downloads/DS111762
Lenovo M2200	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
Lenovo M3300	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
Lenovo M3320n-00 - china only	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
Lenovo M4350 Desktop	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
Lenovo M4360 ID	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
Lenovo M4500	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
Lenovo M4500 ID	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
Lenovo M4550 ID	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
Lenovo M5900	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
Lenovo M5900n - China only	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
Lenovo M6500 ID	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
Lenovo R3900d - China only	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
Lenovo S50-30	359.4	http://support.lenovo.com/downloads/DS112072
Lenovo T3900v-00 - China only	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
QITIAN 4500	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
QITIAN 4500-C	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
QITIAN B2200	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
QITIAN B2300	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
QITIAN B3300	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
QITIAN B4550	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
QITIAN B4650	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
QITIAN B5900	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
QITIAN M2200	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
QITIAN M2300	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
QITIAN M3300	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
QITIAN M4550	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
QITIAN M4600	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
QITIAN M4650	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
QITIAN M5900	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
QITIAN M6500	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
QITIAN M6600	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
ThinkCenter M700z	359.4	http://support.lenovo.com/downloads/DS112072
ThinkCenter M800z	359.4	http://support.lenovo.com/downloads/DS112072
ThinkCentre E73Z (AIO)	359.4	http://support.lenovo.com/downloads/DS112072
ThinkCentre E93Z (AIO)	359.4	http://support.lenovo.com/downloads/DS112072
ThinkCentre E93z FO	359.4	http://support.lenovo.com/downloads/DS112072
ThinkCentre M4350t/s	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
ThinkCentre M4500k	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
ThinkCentre M4500t/s	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
ThinkCentre M4600t/s	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
ThinkCentre M6500t/s - China only	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
ThinkCentre M6600	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
ThinkCentre M6600t/s	359.14	http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetail.aspx?ID=45394
ThinkCentre M700z	359.4	http://support.lenovo.com/downloads/DS112072
ThinkCentre M73Z (AIO)	359.4	http://support.lenovo.com/downloads/DS112072

IdeaPad

产品	最低修复程序版本	链接
500S-14ISK	10.18.13.547...	http://support.lenovo.com/downloads/DS104702
500S-14ISK	10.18.13.547...	http://support.lenovo.com/downloads/DS104702
700-15ISK	10.18.13.547...	http://support.lenovo.com/downloads/DS105101
700-17ISK	10.18.13.547...	http://support.lenovo.com/downloads/DS105101
B41-30	10.18.13.547...	http://support.lenovo.com/downloads/DS105015
B51-30	10.18.13.547...	http://support.lenovo.com/downloads/DS105015
B70-80	10.18.13.547...	http://support.lenovo.com/downloads/DS104026
Edge21580	10.18.13.547...	http://support.lenovo.com/downloads/DS104702
Flex3-1470	10.18.13.547...	http://support.lenovo.com/downloads/DS104702
FLEX3-1480	10.18.13.547...	http://support.lenovo.com/downloads/DS104702
Flex3-1570	10.18.13.547...	http://support.lenovo.com/downloads/DS104702
FLEX3-1580	10.18.13.547...	http://support.lenovo.com/downloads/DS104702
G70-80	10.18.13.547...	http://support.lenovo.com/downloads/DS104026
ideapad300-14IBR	10.18.13.547...	http://support.lenovo.com/downloads/DS104026
ideapad300-15IBR	10.18.13.547...	http://support.lenovo.com/downloads/DS104026
LenovoYoga500-14IBD	10.18.13.547...	http://support.lenovo.com/downloads/DS104087
LenovoYoga500-14ISK	10.18.13.547...	http://support.lenovo.com/downloads/DS104702
LenovoYoga500-15IBD	10.18.13.547...	http://support.lenovo.com/downloads/DS104087
LenovoYoga500-15ISK	10.18.13.547...	http://support.lenovo.com/downloads/DS104702
M51-80		点击此处更新>>
RESCUER-14		点击此处更新>>
Y700-14ISK	10.18.13.547...	http://support.lenovo.com/downloads/DS105101
Y700-15ISK	10.18.13.547...	http://support.lenovo.com/downloads/DS105101
Y700-17ISK	10.18.13.547...	http://support.lenovo.com/downloads/DS105101
Y700Touch-15ISK	10.18.13.547...	http://support.lenovo.com/downloads/DS105101
Z70-80	10.18.13.547...	http://support.lenovo.com/downloads/DS104026

System x

产品	最低修复程序版本	链接
BladeCenter HS22	354.74	点击此处下载>>
BladeCenter HS23	354.74	点击此处下载>>
BladeCenter HS23E	354.74	点击此处下载>>
Flex System x220 M4	354.74	点击此处下载>>
Flex System x240 M4	354.74	点击此处下载>>
iDataPlex dx360 M2	354.74	点击此处下载>>
iDataPlex dx360 M3	354.74	点击此处下载>>
iDataPlex dx360 M4	354.74	点击此处下载>>
iDataPlex dx360 M4 Water Cooled	354.74	点击此处下载>>
NeXtScale nx360 M4	354.74	点击此处下载>>
System x3100 M4	354.74	点击此处下载>>
System x3300 M4	354.74	点击此处下载>>
System x3500 M2	354.74	点击此处下载>>
System x3500 M3	354.74	点击此处下载>>
System x3500 M4	354.74	点击此处下载>>
System x3530 M4	354.74	点击此处下载>>
System x3550 M2	354.74	点击此处下载>>
System x3550 M3	354.74	点击此处下载>>
System x3550 M4	354.74	点击此处下载>>
System x3560 M2	354.74	点击此处下载>>
System x3630 M3	354.74	点击此处下载>>
System x3630 M4	354.74	点击此处下载>>
System x3650 M3	354.74	点击此处下载>>
System x3650 M4	354.74	点击此处下载>>
System x3650 M4 BD	354.74	点击此处下载>>
System x3650 M4 HD	354.74	点击此处下载>>

System x – IBM

产品	最低修复程序版本	链接
Flex System x240 M4	354.74	点击此处下载>>
Flex System x240 M5	354.74	点击此处下载>>
NeXtScale nx360 M5	354.74	点击此处下载>>
System x3500 M5	354.74	点击此处下载>>
System x3550 M5	354.74	点击此处下载>>
System x3650 M5	354.74	点击此处下载>>
System x3850 X6	354.74	点击此处下载>>
System x3950 X6	354.74	点击此处下载>>

[url=]ThinkPad[/url]

产品	最低修复程序版本	链接
ThinkPad Edge E440/E540	10.18.13.5435/10.18.15.4240	点击此处下载>>
ThinkPad L430	354.74	点击此处下载>>
ThinkPad L440/L540	20.19.15.4377/10.18.13.5937	点击此处下载>>
ThinkPad P40	10.18.13.5937/20.19.15.4377	点击此处下载>>
ThinkPad P50	354.74	点击此处下载>>
ThinkPad P70	354.74	点击此处下载>>
ThinkPad S3 Yoga 14	10.18.14.4099 /10.18.13.5937	点击此处下载>>
ThinkPad S430	354.74	点击此处下载>>
ThinkPad T430	354.74	点击此处下载>>
ThinkPad T430i	354.74	点击此处下载>>
ThinkPad T430s	354.74	点击此处下载>>
ThinkPad T430si	354.74	点击此处下载>>
ThinkPad T440	354.74	点击此处下载>>
ThinkPad T440p	354.74	点击此处下载>>
ThinkPad T440s	354.74	点击此处下载>>
ThinkPad T450/T450s	10.18.13.5937 / 10.18.15.4256	点击此处下载>>
ThinkPad T460	10.18.13.5923 / 20.19.15.4380	点击此处下载>>
ThinkPad T460p	10.18.13.5923 / 20.19.15.4352	点击此处下载>>
ThinkPad T530	354.74	点击此处下载>>
ThinkPad T530i	354.74	点击此处下载>>
ThinkPad T540p	354.74	点击此处下载>>
ThinkPad T550	354.74	点击此处下载>>
ThinkPad W530	354.74	点击此处下载>>
ThinkPad W540	354.74	点击此处下载>>
ThinkPad W541	354.74	点击此处下载>>
ThinkPad W550s	354.74	点击此处下载>>
ThinkPad Yoga 14 460 S3	10.18.13.5937/20.19.15.4377	点击此处下载>>
ThinkPad Yoga 15	354.74	点击此处下载>>

ThinkServer

产品	最低修复程序版本	链接
ThinkServer TS130	354.74	http://support.lenovo.com/downloads/DS106013
ThinkServer TS430	354.74	http://support.lenovo.com/downloads/DS106013
ThinkServer RD650	354.74	http://support.lenovo.com/downloads/DS106013
ThinkServer TD340	354.74	http://support.lenovo.com/downloads/DS106013
ThinkServer RQ750	354.74	http://support.lenovo.com/downloads/DS106013
ThinkServer TS150	354.74	http://support.lenovo.com/downloads/DS106013
ThinkServer TS450	354.74	http://support.lenovo.com/downloads/DS106013
ThinkServer TS140	354.74	http://support.lenovo.com/downloads/DS106013

其他信息和参考资料：

CVE-2016-2556, CVE-2016-2557, CVE-2016-2558

修订历史：

版本	日期	描述
1.0	3/22/2016	初始版本

欢迎光临合肥本本之星合肥Thinkpad专卖店合肥Apple专卖店 hfthink 合肥本之星信息科技有限公司 (http://hfthink.com/)