CVE-2021-1056

EUVD-2021-6523
NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.1 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
Affected Products (NVD)
VendorProductVersion
nvidiagpu_driver
390 ≤
𝑥
< 390.141
nvidiagpu_driver
450 ≤
𝑥
< 450.102.04
nvidiagpu_driver
460 ≤
𝑥
< 460.32.03
debiandebian_linux
9.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
nvidia-graphics-drivers
bookworm/non-free-firmware
535.183.01-1~deb12u1
fixed
bullseye/non-free
470.256.02-2
fixed
buster
ignored
sid/non-free-firmware
535.183.06-2
fixed
stretch
ignored
trixie/non-free-firmware
535.183.06-2
fixed
nvidia-graphics-drivers-legacy-340xx
buster
ignored
sid/non-free
vulnerable
stretch
ignored
nvidia-graphics-drivers-legacy-390xx
bullseye/non-free
390.157-1~deb11u1
fixed
buster
ignored
sid/non-free
390.157-9
fixed
stretch
ignored
nvidia-graphics-drivers-tesla-418
bullseye/non-free
418.226.00-6~deb11u2
fixed
buster
ignored
sid/non-free
418.226.00-16
fixed
stretch
ignored
nvidia-graphics-drivers-tesla-450
bullseye/non-free
450.248.02-7~deb11u1
fixed
buster
ignored
sid/non-free
450.248.02-8
fixed
stretch
ignored
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
nvidia-graphics-drivers-390
bionic
Fixed 390.141-0ubuntu0.18.04.1
released
focal
Fixed 390.141-0ubuntu0.20.04.1
released
groovy
Fixed 390.141-0ubuntu0.20.10.1
released
trusty
dne
xenial
dne
nvidia-graphics-drivers-418-server
bionic
Fixed 418.181.07-0ubuntu0.18.04.1
released
focal
Fixed 418.181.07-0ubuntu0.20.04.1
released
groovy
Fixed 418.181.07-0ubuntu0.20.10.1
released
trusty
dne
xenial
dne
nvidia-graphics-drivers-440-server
bionic
ignored
focal
ignored
groovy
ignored
trusty
dne
xenial
dne
nvidia-graphics-drivers-450
bionic
Fixed 450.102.04-0ubuntu0.18.04.1
released
focal
Fixed 450.102.04-0ubuntu0.20.04.1
released
groovy
Fixed 450.102.04-0ubuntu0.20.10.1
released
trusty
dne
xenial
dne
nvidia-graphics-drivers-450-server
bionic
Fixed 450.102.04-0ubuntu0.18.04.1
released
focal
Fixed 450.102.04-0ubuntu0.20.04.1
released
groovy
Fixed 450.102.04-0ubuntu0.20.10.1
released
trusty
dne
xenial
dne
nvidia-graphics-drivers-455
bionic
ignored
focal
ignored
groovy
ignored
trusty
dne
xenial
dne
nvidia-graphics-drivers-460
bionic
Fixed 460.32.03-0ubuntu0.18.04.1
released
focal
Fixed 460.32.03-0ubuntu0.20.04.1
released
groovy
Fixed 460.32.03-0ubuntu0.20.10.1
released
trusty
dne
xenial
dne
Common Weakness Enumeration
References
https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html
https://nvidia.custhelp.com/app/answers/detail/a_id/5142
https://security.gentoo.org/glsa/202310-02
https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html
https://nvidia.custhelp.com/app/answers/detail/a_id/5142
https://security.gentoo.org/glsa/202310-02