You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa nvidia graphics drivers

Sigurnosni nedostaci programskog paketa nvidia graphics drivers

by Vlatka Mišić - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4689-1
January 11, 2021

nvidia-graphics-drivers-390, nvidia-graphics-drivers-450,
nvidia-graphics-drivers-460 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 20.10
– Ubuntu 20.04 LTS
– Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in NVIDIA graphics drivers.

Software Description:
– nvidia-graphics-drivers-390: NVIDIA binary X.Org driver
– nvidia-graphics-drivers-450: NVIDIA binary X.Org driver
– nvidia-graphics-drivers-460: NVIDIA binary X.Org driver

Details:

It was discovered that the NVIDIA GPU display driver for the Linux kernel
contained a vulnerability that allowed user-mode clients to access legacy
privileged APIs. A local attacker could use this to cause a denial of
service or escalate privileges. (CVE-2021-1052)

It was discovered that the NVIDIA GPU display driver for the Linux kernel
did not properly validate a pointer received from userspace in some
situations. A local attacker could use this to cause a denial of service.
(CVE-2021-1053)

Xinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux
kernel did not properly restrict device-level GPU isolation. A local
attacker could use this to cause a denial of service or possibly expose
sensitive information. (CVE-2021-1056)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.10:
xserver-xorg-video-nvidia-390 390.141-0ubuntu0.20.10.1
xserver-xorg-video-nvidia-440 450.102.04-0ubuntu0.20.10.1
xserver-xorg-video-nvidia-450 450.102.04-0ubuntu0.20.10.1
xserver-xorg-video-nvidia-455 460.32.03-0ubuntu0.20.10.1
xserver-xorg-video-nvidia-460 460.32.03-0ubuntu0.20.10.1

Ubuntu 20.04 LTS:
xserver-xorg-video-nvidia-390 390.141-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-440 450.102.04-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-450 450.102.04-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-455 460.32.03-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-460 460.32.03-0ubuntu0.20.04.1

Ubuntu 18.04 LTS:
xserver-xorg-video-nvidia-390 390.141-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-440 450.102.04-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-450 450.102.04-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-455 460.32.03-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-460 460.32.03-0ubuntu0.18.04.1

This update uses a new upstream release, which includes additional
bug fixes. After a standard system update you need to reboot your
computer to make all the necessary changes.

References:
https://usn.ubuntu.com/4689-1
CVE-2021-1052, CVE-2021-1053, CVE-2021-1056

Package Information:
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.141-0ubuntu0.20.10.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-450/450.102.04-0ubuntu0.20.10.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-460/460.32.03-0ubuntu0.20.10.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.141-0ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-450/450.102.04-0ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-460/460.32.03-0ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.141-0ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-450/450.102.04-0ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-460/460.32.03-0ubuntu0.18.04.1

—–BEGIN PGP SIGNATURE—–

iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAl/8vwYACgkQLwmejQBe
gfQp9A//RSfeI5F0pFrk3l9IuTnXaHUnSR/jPhwMi8lrC4i2HFA9N1k02GTusAWt
ty+gOqMCpo3KWpG5B/QTDjMDPr9cHJGK+diEaXWOoq2wMvJpnupR9NuRqUvWov6t
ND6Inm+iEHr+u2OcT9PGkw5IUUVLdHMmnMAr/nxfR5U8zdOau8trjOzP2Bg6+W06
kSrfuU32Q01aAI9eoD2vwBTH7Bbjet/eqLh1mioZ9bwpAxSTCS1PfwSXuvHZm0xZ
czuYJSSHfOAhSB19xTqYNoON8yTI2+NnF2WHKtvWY6moJYeK4cEKcCkHsrVd1Edb
F+/uiwdHnHHuXSDS0yw+bzjyW2obQTMbVGjIHW/v7Ru/bSTVLAW+pn8gF7q4ZQ8U
rVj8Lxd+mdOAikIJOumKBYrLvX5V5Yah5GoM8LKhxjB7xuHsrShQfj2WsgzmCfv0
y8xDwOMJ1LGvPFLtFf5B9S4xfP8PWjDLYVHfaBRmkbSvws7rONZHMRypRiLjOLpX
IJRcn9Xp4+bN1VWUjWLLsb1c3kzduSEPsAk89YBTYge6nE+wfRnMQoBuSRi4P+Yv
En5VhbLckSPSotQKk2RbVc+Q7ODbZxhBe/1TqD8iPf/lWlsxXja9Tc505Shn7dc7
NQap5iQ7CjMmGeodaLIw9ayGdbF+YLot8b6aUVR6I1kITHiu3g8=
=Vh+2
—–END PGP SIGNATURE—–

Autor161.53.13.146
Cert idNCERT-REF-2021-01-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Vlatka Mišić
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa chromium

Otkriveni su sigurnosni nedostaci u programskom paketu chromium za operacijski sustav openSUSE. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja,...

Close