CVE-2021-1056

NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.1 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
nvidiaCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
VendorProductVersion
nvidiagpu_driver
390 ≤
𝑥
< 390.141
nvidiagpu_driver
450 ≤
𝑥
< 450.102.04
nvidiagpu_driver
460 ≤
𝑥
< 460.32.03
debiandebian_linux
9.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
nvidia-graphics-drivers
bullseye/non-free
470.256.02-2
fixed
buster
ignored
stretch
ignored
bookworm/non-free-firmware
535.183.01-1~deb12u1
fixed
sid/non-free-firmware
535.183.06-2
fixed
trixie/non-free-firmware
535.183.06-2
fixed
nvidia-graphics-drivers-legacy-340xx
sid/non-free
vulnerable
buster
ignored
stretch
ignored
nvidia-graphics-drivers-legacy-390xx
bullseye/non-free
390.157-1~deb11u1
fixed
buster
ignored
stretch
ignored
sid/non-free
390.157-9
fixed
nvidia-graphics-drivers-tesla-418
bullseye/non-free
418.226.00-6~deb11u2
fixed
buster
ignored
stretch
ignored
sid/non-free
418.226.00-16
fixed
nvidia-graphics-drivers-tesla-450
bullseye/non-free
450.248.02-7~deb11u1
fixed
buster
ignored
stretch
ignored
sid/non-free
450.248.02-8
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
nvidia-graphics-drivers-390
groovy
Fixed 390.141-0ubuntu0.20.10.1
released
focal
Fixed 390.141-0ubuntu0.20.04.1
released
bionic
Fixed 390.141-0ubuntu0.18.04.1
released
xenial
dne
trusty
dne
nvidia-graphics-drivers-418-server
groovy
Fixed 418.181.07-0ubuntu0.20.10.1
released
focal
Fixed 418.181.07-0ubuntu0.20.04.1
released
bionic
Fixed 418.181.07-0ubuntu0.18.04.1
released
xenial
dne
trusty
dne
nvidia-graphics-drivers-440-server
groovy
ignored
focal
ignored
bionic
ignored
xenial
dne
trusty
dne
nvidia-graphics-drivers-450
groovy
Fixed 450.102.04-0ubuntu0.20.10.1
released
focal
Fixed 450.102.04-0ubuntu0.20.04.1
released
bionic
Fixed 450.102.04-0ubuntu0.18.04.1
released
xenial
dne
trusty
dne
nvidia-graphics-drivers-450-server
groovy
Fixed 450.102.04-0ubuntu0.20.10.1
released
focal
Fixed 450.102.04-0ubuntu0.20.04.1
released
bionic
Fixed 450.102.04-0ubuntu0.18.04.1
released
xenial
dne
trusty
dne
nvidia-graphics-drivers-455
groovy
ignored
focal
ignored
bionic
ignored
xenial
dne
trusty
dne
nvidia-graphics-drivers-460
groovy
Fixed 460.32.03-0ubuntu0.20.10.1
released
focal
Fixed 460.32.03-0ubuntu0.20.04.1
released
bionic
Fixed 460.32.03-0ubuntu0.18.04.1
released
xenial
dne
trusty
dne
Common Weakness Enumeration
References
https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html
https://nvidia.custhelp.com/app/answers/detail/a_id/5142
https://security.gentoo.org/glsa/202310-02
https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html
https://nvidia.custhelp.com/app/answers/detail/a_id/5142
https://security.gentoo.org/glsa/202310-02