DV Hardware bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
August 21, 2017 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 51 people online.

 

Latest Reviews
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
ZOWIE G-TF Rough mousepad
ROCCAT Isku FX gaming keyboard
Prolimatech Magnetic Pin
 

Follow us
RSS
 

Old NVIDIA GPU driver bug breaks Chrome's privacy mode

Posted on Monday, January 11 2016 @ 14:21:04 CET by


NVIDIA logo
UPDATE: January 13, 2016: It appears this issue occurs exclusively on Mac OS X. NVIDIA claims there's no issue with its drivers and points to a memory management issue in OS X.




A Canadian student hacker named Evan Andersen discovered a bug in NVIDIA's GeForce drivers that makes it possible to retrieve webpages that were viewed in Google Chrome's incognito browsing mode. Andersen says he discovered the bug when he was greeted by an adult entertainment video, which he watched a couple of hours before, when he launched Diablo III.

Upon closer investigation, Andersen discovered that when you close Chrome's incognito mode, the GPU frame buffer is not cleared but added to the pool of free GPU memory. This enables previous contents to leak to other applications.
This is a serious problem. It breaks the operating system’s user boundaries by allowing non-root users to spy on each other. Additionally, it doesn’t need to be specifically exploited to harm users – it can happen purely by accident. Anyone using a shared computer could be exposing anything displayed on their screen to other users of the computer.

It’s a fairly easy bug to fix. A patch to the GPU drivers could ensure that buffers are always erased before giving them to the application. It’s what an operating system does with the CPU RAM, and it makes sense to use the same rules with a GPU. Additionally, Google Chrome could erase their GPU resources before quitting
Andersen submitted a bug report to both NVIDIA and Google in 2014. NVIDIA acknowledged the issue but has still not fixed the problem. Google on the other hand marked it as a bug it won't fix, claiming incognito mode is not designed to protect you against other users on the same PC.



 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2017 DM Media Group bvba