NVidia's closed-source UNIX binary drivers are vulnerable to a particularly nasty exploit. There's no fix in the stable driver release tree yet, but the current 9xxx beta version is not vulnerable. You should get the latest beta here: BETA Drivers Note1: If you click on the proof-of-concept link in that nvnews forum link while running Firefox, I hope you've saved any open documents. Note2: The latest Beta drivers are rock-solid for me, and seem to perform better in Doom3 than the mainstream drivers. So far, so good.
Certainly raises the argument for using the open source 'nv' driver. Shame that it has no 3D capabilities whatsoever though. I assume that this proof of concept vunerability effects the nVidia legacy driver as well? If so, I wonder if it will be updated also?
Good question. Actually, my wife is running a legacy version of the driver, and I was unable to reproduce it on her machine. It seems to affect only the later builds of the driver. But for the rest of us, if you want fast 3D for NVidia, right now the beta drivers are the only reasonable option.
Damn nVidia :doh: I have been running the nv driver for a few months now due to laziness and I may now never install the proprientary 3d driver. I've been fine without it so far. I try really hard to like nVidia but this is crappy.
Agreed. That said, the beta driver seems quite solid so far, and is not vulnerable to this exploit. So if you want good 3D accelleration with NVidia in UNIX, you should get the latest build of the beta drivers.
Overall the nVidia stable drivers have worked fine for me so far. I'll upgrade to the beta when I get home. Question though, how would I actually do it through the Debian way?
Make sure your kernel headers match the installed kernel, download the drivers from Nvidia, and run something like the following: Code: sh NVIDIA-Linux-x86-1.0-9625-pkg1.run --x-module-path=/usr/lib/xorg/modules/ -aqNX --no-runlevel-check
Update: NVidia has released a non-beta version of the 8xxx series driver which contains the fix. Get it here: Unix Drivers Portal Page
NVidia didn't forget freeBSD. This is good news. If only other commercial vendors were this fast in patching the holes.
