Mehrere Probleme in NVIDIA graphics drivers
ID: | USN-4404-1 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 18.04 LTS, Ubuntu 19.10, Ubuntu 20.04 LTS |
Datum: | Fr, 26. Juni 2020, 07:10 |
Referenzen: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5973
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5967 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5963 |
Applikationen: | nVidia XFree86/X.org Drivers |
Originalnachricht |
|
--===============5215208667652003448== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="NzB8fVQJ5HfG6fxh" Content-Disposition: inline --NzB8fVQJ5HfG6fxh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline ========================================================================== Ubuntu Security Notice USN-4404-1 June 25, 2020 nvidia-graphics-drivers-390, nvidia-graphics-drivers-440 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 19.10 - Ubuntu 18.04 LTS Summary: Several security issues were fixed in NVIDIA graphics drivers. Software Description: - nvidia-graphics-drivers-390: NVIDIA binary X.Org driver - nvidia-graphics-drivers-440: NVIDIA binary X.Org driver Details: Thomas E. Carroll discovered that the NVIDIA Cuda grpahics driver did not properly perform access control when performing IPC. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2020-5963) It was discovered that the UVM driver in the NVIDIA graphics driver contained a race condition. A local attacker could use this to cause a denial of service. (CVE-2020-5967) It was discovered that the NVIDIA virtual GPU guest drivers contained an unspecified vulnerability that could potentially lead to privileged operation execution. An attacker could use this to cause a denial of service. (CVE-2020-5973) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: xserver-xorg-video-nvidia-390 390.138-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-440 440.100-0ubuntu0.20.04.1 Ubuntu 19.10: xserver-xorg-video-nvidia-390 390.138-0ubuntu0.19.10.1 xserver-xorg-video-nvidia-440 440.100-0ubuntu0.19.10.1 Ubuntu 18.04 LTS: xserver-xorg-video-nvidia-390 390.138-0ubuntu0.18.04.1 xserver-xorg-video-nvidia-440 440.100-0ubuntu0.18.04.1 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://usn.ubuntu.com/4404-1 CVE-2020-5963, CVE-2020-5967, CVE-2020-5973 Package Information: https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.138-0ubuntu0.20.04.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-440/440.100-0ubuntu0.20.04.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.138-0ubuntu0.19.10.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-440/440.100-0ubuntu0.19.10.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.138-0ubuntu0.18.04.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-440/440.100-0ubuntu0.18.04.1 --NzB8fVQJ5HfG6fxh Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAl71EowACgkQLwmejQBe gfSPog/8DeUtpbfI188p+JkGrJ2bhK2ZUt5ZWCqEKlMph5N1GvK8e5gkTU6gndvu tylFcjUI7Tf0qsdalA9ULdhYe/7rqWJW4zy61PAMR+vvDA0AXEED4yIEzyMeeIhL X186W8mp06Sq33bFVWBup9gDLpjl89uLJVpmKamxRGgWOJnbA55nxOpwVgc00Pl2 WYqYSLwfqq0o7nguFgpZNNOzCX+nldA9UJJ1a37YxdyhWDSNyjGOFLb+gpalEAjA PhuekNoZZcSrRSWiCByge+0U801Cr+UkUGbkQHpQjAAUqO+WON6I4shR4uP5LvHY Q4AhMuFLaeBORo+tKywo/CpoOMutQ5TLzyFDSFTnIBN5ZgHGudzNSYqDlf4NvDQh +4Y0nitFMUtLyJLtjFk6QkUc0AbNakj95ahud1o8SC/KWQY16upRnq8fClXtNL2V qhcCO6mCz6ghSuQgacCNYkxm+KQT4Fm9KyFUor9H1riNmfwoM46iA/j9sqDPMs3i L+NzTt/xdY91SBmtDFbQjx/PfW01UKaosjXuVeQCiUKV5dGaIyfqDa9PffxVPmVV hE7AAY09WoJaUc+TcVkUE9PDX7j2na8wqSMXO2YSBUevCsCEztDHgJ2Zt9Mju5ki sJluofw6WtJDPIawYd5yj1/cVn8aIFWRcdVnyZWu4z4Ld2tBxqk= =2v2F -----END PGP SIGNATURE----- --NzB8fVQJ5HfG6fxh-- --===============5215208667652003448== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce |