The NVIDIA Binary Graphics Driver for Linux is vulnerable to a
buffer overflow that allows an attacker to run arbitrary code as
root. This bug can be exploited both locally or remotely (via
a remote X client or an X client which visits a malicious web page).
A working proof-of-concept root exploit is included with this
advisory.

The NVIDIA drivers for Solaris and FreeBSD are also likely to be
vulnerable.

Link (http://download2.rapid7.com/r7-0025/)

Yay for root exploit.
It's a shame it was reported long ago.
I wonder how many vendors who supply closed sources drivers for *nix have this kind of problems.

Moreover, what about a remotely exploitable vulnerabilty giving root access to a internet connected console? It would be a perfect vertor for network attacks (spam-botnets, DDoS, code cracking).