CVE-2021-1053 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 24%

Affected Products (NVD)

Vendor	Product	Version
nvidia	gpu_driver	390 ≤ 𝑥 < 392.63
nvidia	gpu_driver	418 ≤ 𝑥 < 427.11
nvidia	gpu_driver	450 ≤ 𝑥 < 452.77
nvidia	gpu_driver	460 ≤ 𝑥 < 461.09
nvidia	gpu_driver	390 ≤ 𝑥 < 390.141
nvidia	gpu_driver	450 ≤ 𝑥 < 450.102.04
nvidia	gpu_driver	460 ≤ 𝑥 < 460.32.03

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

nvidia-graphics-drivers

bookworm/non-free-firmware	535.183.01-1~deb12u1 fixed
bullseye/non-free	470.256.02-2 fixed
buster	ignored
sid/non-free-firmware	535.183.06-2 fixed
stretch	not-affected
trixie/non-free-firmware	535.183.06-2 fixed

nvidia-graphics-drivers-tesla-450

bullseye/non-free	450.248.02-7~deb11u1 fixed
buster	ignored
sid/non-free	450.248.02-8 fixed
stretch	not-affected

Ubuntu Releases

Ubuntu Product

Codename

nvidia-graphics-drivers-390

bionic	not-affected
focal	not-affected
groovy	not-affected
trusty	dne
xenial	dne

nvidia-graphics-drivers-418-server

bionic	Fixed 418.181.07-0ubuntu0.18.04.1 released
focal	Fixed 418.181.07-0ubuntu0.20.04.1 released
groovy	Fixed 418.181.07-0ubuntu0.20.10.1 released
trusty	dne
xenial	dne

nvidia-graphics-drivers-440-server

bionic	ignored
focal	ignored
groovy	ignored
trusty	dne
xenial	dne

nvidia-graphics-drivers-450

bionic	Fixed 450.102.04-0ubuntu0.18.04.1 released
focal	Fixed 450.102.04-0ubuntu0.20.04.1 released
groovy	Fixed 450.102.04-0ubuntu0.20.10.1 released
trusty	dne
xenial	dne

nvidia-graphics-drivers-450-server

bionic	Fixed 450.102.04-0ubuntu0.18.04.1 released
focal	Fixed 450.102.04-0ubuntu0.20.04.1 released
groovy	Fixed 450.102.04-0ubuntu0.20.10.1 released
trusty	dne
xenial	dne

nvidia-graphics-drivers-455

bionic	ignored
focal	ignored
groovy	ignored
trusty	dne
xenial	dne

nvidia-graphics-drivers-460

bionic	Fixed 460.32.03-0ubuntu0.18.04.1 released
focal	Fixed 460.32.03-0ubuntu0.20.04.1 released
groovy	Fixed 460.32.03-0ubuntu0.20.10.1 released
trusty	dne
xenial	dne

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5142

https://security.gentoo.org/glsa/202310-02

https://nvidia.custhelp.com/app/answers/detail/a_id/5142

https://security.gentoo.org/glsa/202310-02