CVE-2014-8298: GLX-INDIRECT (Including CVE-2014-8093, CVE-2014-8098)

Answer ID 3610
Published 12/03/2014 04:32 PM
Updated 12/11/2014 02:13 PM
CVE-2014-8298: GLX-INDIRECT (Including CVE-2014-8093, CVE-2014-8098)

Vulnerability Description:

The GLX indirect rendering support supplied on NVIDIA products is subject to the recently disclosed X.Org vulnerabilities (CVE-2014-8093, CVE-2014-8098) as well as internally identified vulnerabilities (CVE-2014-8298).

Exploit Scope and Risk:

Depending on how it is configured, the X server typically runs with raised privileges, and listens for GLX indirect rendering protocol requests from a local socket and potentially a TCP/IP port. The vulnerabilities could be exploited in a way that causes the X server to access uninitialized memory or overwrite arbitrary memory in the X server process. This can cause a denial of service (e.g., an X server segmentation fault), or could be exploited to achieve arbitrary code execution.


The CVSS Risk assessment is listed below.

CVSS Base Score - 8.3

Exploitability sub-score - 6.5

Access Vector: Adjacent Network

Access Complexity: Low

Authentication: None

Impact sub-score - 10.0

Confidentiality Impact: Complete

Integrity Impact: Complete

Availability Impact: Complete

CVSS temporal sub-score - 3.5

Exploitability: Unproven that Exploit Exists

Remediation Level: Workaround

Report Confidence: Confirmed

CVSS Environmental Score - [determined by user]


NVIDIA's risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. We recommended consulting a local security or IT professional to evaluate the risk of your specific configuration. NVIDIA knows of no known exploits to these issues at this time.

Vulnerable Configurations:

The NVIDIA implementation of GLX indirect rendering is only used in the NVIDIA GPU drivers for Solaris, FreeBSD, VMware ESX, and other Linux based operating systems where an X server is in use. NVIDIA GPU drivers for other operating systems are not affected.

Vulnerability Discovery:

NVIDIA was informed of this issue by public advisement from X.Org participants on Oct 9, 2014, by Adam Jackson and Alan Coopersmith. Internal analysis and additional issues refined by Robert Morell of NVIDIA.


NVIDIA recommends that users upgrade their drivers. Refer to the table below for recommended driver updates and locations.


Scheduled Support Date

Linux Discrete GPU Drivers

Driver Download

Releases prior to 304

Has reached 'end of life' and no longer supported.

R304.125 and better

R304.125 available as of 12/9

R331.113 and better

R331.113 available as of 12/9

R340.65 and better

R340.65 available as of 12/9

R343.36 and better

R343.36 available as of 12/9

R346.22 and better

R346.22 Beta available as of 12/9

Linux for Tegra (L4T) Products

Linux for Tegra Download


No fix planned-update to R21.2


No fix planned - update to R21.2


Release planned for 12/9/2014

Chrome OS

R40 or better

Contact Google support for release information

CUDA Toolkit SDK

CUDA Toolkit SDK Download

To patch the CUDA Toolkit SDK 6.0 and 6.5 installation, install the updated drivers with the security patch from Release 331 and Release 340

For CUDA 5.5, Release 319 is no longer supported, however all toolkits are compatible with later drivers. Customers should install the patch from Release 331 or 340

CUDA 5.5

R331.113 or R340.65, available as of 12/9

CUDA 6.0

R331.113 available as of 12/9

CUDA 6.5

R340.65 available as of 12/9


You may consider either of the following steps to help further mitigate against GLX protocol vulnerabilities:

  • Configure the X server to prohibit X connections from the local area network (by passing the "-nolisten tcp" command line option to the X.Org X server). Many Linux distributions already set this option by default. Consult your operating system's documentation for details on setting X server command line options
  • Disable GLX indirect contexts. With any of the fixed NVIDIA driver versions mentioned above, indirect GLX contexts can be prohibited by setting the "AllowIndirectGLXProtocol" X configuration option to False, or setting the "-iglx" X server command line option on X.Org 1.16 or newer.
Was this answer helpful?
Your rating has been submitted, please tell us how we can make this answer more useful.


Chat online with one of our support agents



Contact Support for assistance