CVE-2014-8298
EPSS 1.5%
Description
The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra (L4T) driver before R21.2, and Chrome OS driver before R40 allows remote attackers to cause a denial of service (segmentation fault and X server crash) or possibly execute arbitrary code via a crafted GLX indirect rendering protocol request.
How to fix CVE-2014-8298
To remediate CVE-2014-8298, upgrade the affected package to a fixed version below.
- Debian/nvidia-graphics-drivers—upgrade to 340.65-1 or later
Is CVE-2014-8298 being exploited?
Low — EPSS is 1.5%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 340.65-1