CVE-2021-1053 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvidia	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 25%

Vendor	Product	Version
nvidia	gpu_driver	390 ≤ 𝑥 < 392.63
nvidia	gpu_driver	418 ≤ 𝑥 < 427.11
nvidia	gpu_driver	450 ≤ 𝑥 < 452.77
nvidia	gpu_driver	460 ≤ 𝑥 < 461.09
nvidia	gpu_driver	390 ≤ 𝑥 < 390.141
nvidia	gpu_driver	450 ≤ 𝑥 < 450.102.04
nvidia	gpu_driver	460 ≤ 𝑥 < 460.32.03

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

nvidia-graphics-drivers

bullseye/non-free	470.256.02-2 fixed
buster	ignored
stretch	not-affected
bookworm/non-free-firmware	535.183.01-1~deb12u1 fixed
sid/non-free-firmware	535.183.06-2 fixed
trixie/non-free-firmware	535.183.06-2 fixed

nvidia-graphics-drivers-tesla-450

bullseye/non-free	450.248.02-7~deb11u1 fixed
buster	ignored
stretch	not-affected
sid/non-free	450.248.02-8 fixed

Ubuntu Releases

Ubuntu Product

Codename

nvidia-graphics-drivers-390

groovy	not-affected
focal	not-affected
bionic	not-affected
xenial	dne
trusty	dne

nvidia-graphics-drivers-418-server

groovy	Fixed 418.181.07-0ubuntu0.20.10.1 released
focal	Fixed 418.181.07-0ubuntu0.20.04.1 released
bionic	Fixed 418.181.07-0ubuntu0.18.04.1 released
xenial	dne
trusty	dne

nvidia-graphics-drivers-440-server

groovy	ignored
focal	ignored
bionic	ignored
xenial	dne
trusty	dne

nvidia-graphics-drivers-450

groovy	Fixed 450.102.04-0ubuntu0.20.10.1 released
focal	Fixed 450.102.04-0ubuntu0.20.04.1 released
bionic	Fixed 450.102.04-0ubuntu0.18.04.1 released
xenial	dne
trusty	dne

nvidia-graphics-drivers-450-server

groovy	Fixed 450.102.04-0ubuntu0.20.10.1 released
focal	Fixed 450.102.04-0ubuntu0.20.04.1 released
bionic	Fixed 450.102.04-0ubuntu0.18.04.1 released
xenial	dne
trusty	dne

nvidia-graphics-drivers-455

groovy	ignored
focal	ignored
bionic	ignored
xenial	dne
trusty	dne

nvidia-graphics-drivers-460

groovy	Fixed 460.32.03-0ubuntu0.20.10.1 released
focal	Fixed 460.32.03-0ubuntu0.20.04.1 released
bionic	Fixed 460.32.03-0ubuntu0.18.04.1 released
xenial	dne
trusty	dne

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5142

https://security.gentoo.org/glsa/202310-02

https://nvidia.custhelp.com/app/answers/detail/a_id/5142

https://security.gentoo.org/glsa/202310-02