drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in NVIDIA graphics drivers
Name: |
Mehrere Probleme in NVIDIA graphics drivers |
|
ID: |
USN-4404-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 18.04 LTS, Ubuntu 19.10, Ubuntu 20.04 LTS |
|
Datum: |
Fr, 26. Juni 2020, 07:10 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5973
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5967
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5963 |
|
Applikationen: |
nVidia XFree86/X.org Drivers |
|
Originalnachricht |
--===============5215208667652003448== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="NzB8fVQJ5HfG6fxh" Content-Disposition: inline
--NzB8fVQJ5HfG6fxh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-4404-1 June 25, 2020
nvidia-graphics-drivers-390, nvidia-graphics-drivers-440 vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS - Ubuntu 19.10 - Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in NVIDIA graphics drivers.
Software Description: - nvidia-graphics-drivers-390: NVIDIA binary X.Org driver - nvidia-graphics-drivers-440: NVIDIA binary X.Org driver
Details:
Thomas E. Carroll discovered that the NVIDIA Cuda grpahics driver did not properly perform access control when performing IPC. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2020-5963)
It was discovered that the UVM driver in the NVIDIA graphics driver contained a race condition. A local attacker could use this to cause a denial of service. (CVE-2020-5967)
It was discovered that the NVIDIA virtual GPU guest drivers contained an unspecified vulnerability that could potentially lead to privileged operation execution. An attacker could use this to cause a denial of service. (CVE-2020-5973)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.04 LTS: xserver-xorg-video-nvidia-390 390.138-0ubuntu0.20.04.1 xserver-xorg-video-nvidia-440 440.100-0ubuntu0.20.04.1
Ubuntu 19.10: xserver-xorg-video-nvidia-390 390.138-0ubuntu0.19.10.1 xserver-xorg-video-nvidia-440 440.100-0ubuntu0.19.10.1
Ubuntu 18.04 LTS: xserver-xorg-video-nvidia-390 390.138-0ubuntu0.18.04.1 xserver-xorg-video-nvidia-440 440.100-0ubuntu0.18.04.1
After a standard system update you need to reboot your computer to make all the necessary changes.
References: https://usn.ubuntu.com/4404-1 CVE-2020-5963, CVE-2020-5967, CVE-2020-5973
Package Information: https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.138-0ubuntu0.20.04.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-440/440.100-0ubuntu0.20.04.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.138-0ubuntu0.19.10.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-440/440.100-0ubuntu0.19.10.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.138-0ubuntu0.18.04.1 https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-440/440.100-0ubuntu0.18.04.1
--NzB8fVQJ5HfG6fxh Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAl71EowACgkQLwmejQBe gfSPog/8DeUtpbfI188p+JkGrJ2bhK2ZUt5ZWCqEKlMph5N1GvK8e5gkTU6gndvu tylFcjUI7Tf0qsdalA9ULdhYe/7rqWJW4zy61PAMR+vvDA0AXEED4yIEzyMeeIhL X186W8mp06Sq33bFVWBup9gDLpjl89uLJVpmKamxRGgWOJnbA55nxOpwVgc00Pl2 WYqYSLwfqq0o7nguFgpZNNOzCX+nldA9UJJ1a37YxdyhWDSNyjGOFLb+gpalEAjA PhuekNoZZcSrRSWiCByge+0U801Cr+UkUGbkQHpQjAAUqO+WON6I4shR4uP5LvHY Q4AhMuFLaeBORo+tKywo/CpoOMutQ5TLzyFDSFTnIBN5ZgHGudzNSYqDlf4NvDQh +4Y0nitFMUtLyJLtjFk6QkUc0AbNakj95ahud1o8SC/KWQY16upRnq8fClXtNL2V qhcCO6mCz6ghSuQgacCNYkxm+KQT4Fm9KyFUor9H1riNmfwoM46iA/j9sqDPMs3i L+NzTt/xdY91SBmtDFbQjx/PfW01UKaosjXuVeQCiUKV5dGaIyfqDa9PffxVPmVV hE7AAY09WoJaUc+TcVkUE9PDX7j2na8wqSMXO2YSBUevCsCEztDHgJ2Zt9Mju5ki sJluofw6WtJDPIawYd5yj1/cVn8aIFWRcdVnyZWu4z4Ld2tBxqk= =2v2F -----END PGP SIGNATURE-----
--NzB8fVQJ5HfG6fxh--
--===============5215208667652003448== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|