[CentOS] CentOS 3.8 Kernel Update with NVIDIA Video Card

Sat Oct 21 18:44:29 UTC 2006
Ben Mohilef <benm at dsl-only.net>

> On Oct 20, 2006, at 22:22, Corwin Burgess wrote:
> 
> > I can think of two ways to solve this problem but I'd rather have  
> > some expert advice. What's the best way to boot with the new  
> > kernel, install the nvidia driver and of course update the NVIDIA  
> > kernel module?
> 
> The following worked for me:
> 
>    1. Download the latest driver packager from NVIDIA (e.g., NVIDIA- 
> Linux-x86-1.0-8774-pkg1.run)

============

I wouldn't.
  
The following is extracted from "NVIDIA Binary Graphics Driver for Linux 
Buffer Overflow Vulnerability", Secunia Security Advisories:

> http://secunia.com/advisories/22419/
> 
> CRITICAL:
> Highly critical
> 
> IMPACT:
> Privilege escalation, DoS, System access
> 
> WHERE:
> >From remote
> 
> SOFTWARE:
> NVIDIA Graphics Drivers for Linux 1.x
> 
...
> Successful exploitation allows execution of arbitrary code with
> "root" privileges.
> 
> The vulnerability is reported in versions 8774 and 8762. Other
> versions may also be affected.
...
> SOLUTION:
> Disable accelerated rendering ("RenderAccel" option).
> 
> Use another graphics driver.
> 
> The vulnerability has reportedly been fixed in the 1.0-9625 beta
> driver.


The beta seems to have worked  for the Secunia guys. 
The nv driver should work but without 3D support.
NVidia is aware of the problem and should release a fixed "production" 
driver soon. 

regards,

benm