Mehrere Probleme in NVIDIA graphics drivers
ID: | USN-4689-1 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 20.10 |
Datum: | Di, 12. Januar 2021, 00:41 |
Referenzen: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1056
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1052 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1053 |
Applikationen: | nVidia XFree86/X.org Drivers |
Originalnachricht |
|
--===============5822943377758143690== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="gTY1JhLGodeuSBqf" Content-Disposition: inline --gTY1JhLGodeuSBqf Content-Type: text/plain; charset=us-ascii Content-Disposition: inline ========================================================================== Ubuntu Security Notice USN-4689-1 January 11, 2021 nvidia-graphics-drivers-390, nvidia-graphics-drivers-450, nvidia-graphics-drivers-460 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.10 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in NVIDIA graphics drivers. Software Description: - nvidia-graphics-drivers-390: NVIDIA binary X.Org driver - nvidia-graphics-drivers-450: NVIDIA binary X.Org driver - nvidia-graphics-drivers-460: NVIDIA binary X.Org driver Details: It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. (CVE-2021-1052) It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-1053) Xinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux kernel did not properly restrict device-level GPU isolation. A local attacker could use this to cause a denial of service or possibly expose sensitive information. (CVE-2021-1056) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.10: xserver-xorg-video-nvidia-390 390.141-0ubuntu0.20.10.1 xserver-xorg-video-nvidia-440 450.102.04-0ubuntu0.20.10.1 xserver-xorg-video-nvidia-450 450.102.04-0ubuntu0.20.10.1 xserver-xorg-video-nvidia-455 460.32.03-0ubuntu0.20.10.1 xserver-xorg-video-nvidia-460 460.32.03-0ubuntu0.20.10.1 Ubuntu 20.04 LTS: xserver-xorg-video-nvidia-390 390.141-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-440 450.102.04-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-450 450.102.04-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-455 460.32.03-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-460 460.32.03-0ubuntu0.20.04.1 Ubuntu 18.04 LTS: xserver-xorg-video-nvidia-390 390.141-0ubuntu0.18.04.1 xserver-xorg-video-nvidia-440 450.102.04-0ubuntu0.18.04.1 xserver-xorg-video-nvidia-450 450.102.04-0ubuntu0.18.04.1 xserver-xorg-video-nvidia-455 460.32.03-0ubuntu0.18.04.1 xserver-xorg-video-nvidia-460 460.32.03-0ubuntu0.18.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to reboot your computer to make all the necessary changes. References: https://usn.ubuntu.com/4689-1 CVE-2021-1052, CVE-2021-1053, CVE-2021-1056 Package Information: https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.141-0ubuntu0.20.10.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-450/450.102.04-0ubuntu0.20.10.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-460/460.32.03-0ubuntu0.20.10.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.141-0ubuntu0.20.04.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-450/450.102.04-0ubuntu0.20.04.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-460/460.32.03-0ubuntu0.20.04.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.141-0ubuntu0.18.04.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-450/450.102.04-0ubuntu0.18.04.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-460/460.32.03-0ubuntu0.18.04.1 --gTY1JhLGodeuSBqf Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAl/8vwYACgkQLwmejQBe gfQp9A//RSfeI5F0pFrk3l9IuTnXaHUnSR/jPhwMi8lrC4i2HFA9N1k02GTusAWt ty+gOqMCpo3KWpG5B/QTDjMDPr9cHJGK+diEaXWOoq2wMvJpnupR9NuRqUvWov6t ND6Inm+iEHr+u2OcT9PGkw5IUUVLdHMmnMAr/nxfR5U8zdOau8trjOzP2Bg6+W06 kSrfuU32Q01aAI9eoD2vwBTH7Bbjet/eqLh1mioZ9bwpAxSTCS1PfwSXuvHZm0xZ czuYJSSHfOAhSB19xTqYNoON8yTI2+NnF2WHKtvWY6moJYeK4cEKcCkHsrVd1Edb F+/uiwdHnHHuXSDS0yw+bzjyW2obQTMbVGjIHW/v7Ru/bSTVLAW+pn8gF7q4ZQ8U rVj8Lxd+mdOAikIJOumKBYrLvX5V5Yah5GoM8LKhxjB7xuHsrShQfj2WsgzmCfv0 y8xDwOMJ1LGvPFLtFf5B9S4xfP8PWjDLYVHfaBRmkbSvws7rONZHMRypRiLjOLpX IJRcn9Xp4+bN1VWUjWLLsb1c3kzduSEPsAk89YBTYge6nE+wfRnMQoBuSRi4P+Yv En5VhbLckSPSotQKk2RbVc+Q7ODbZxhBe/1TqD8iPf/lWlsxXja9Tc505Shn7dc7 NQap5iQ7CjMmGeodaLIw9ayGdbF+YLot8b6aUVR6I1kITHiu3g8= =Vh+2 -----END PGP SIGNATURE----- --gTY1JhLGodeuSBqf-- --===============5822943377758143690== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce |