CVE-2021-1056
published 2021-01-08CVE-2021-1056: NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor…
high7.1CVSS 3.1
AVLACLPRLUINSUCHINAH
NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | nvidia-graphics-drivers | < nvidia-graphics-drivers 460.32.03-1 (bookworm) | nvidia-graphics-drivers 460.32.03-1 (bookworm) |
| debian | nvidia-graphics-drivers-legacy-340xx | < nvidia-graphics-drivers 460.32.03-1 (bookworm) | nvidia-graphics-drivers 460.32.03-1 (bookworm) |
| debian | nvidia-graphics-drivers-legacy-390xx | < nvidia-graphics-drivers 460.32.03-1 (bookworm) | nvidia-graphics-drivers 460.32.03-1 (bookworm) |
| debian | nvidia-graphics-drivers-tesla-418 | < nvidia-graphics-drivers 460.32.03-1 (bookworm) | nvidia-graphics-drivers 460.32.03-1 (bookworm) |
| debian | nvidia-graphics-drivers-tesla-450 | < nvidia-graphics-drivers 460.32.03-1 (bookworm) | nvidia-graphics-drivers 460.32.03-1 (bookworm) |
| linux | linux_kernel | >= 0 < 4.15.0-134.138 | 4.15.0-134.138 |
| linux | linux_kernel | >= 0 < 4.15.0-130.134 | 4.15.0-130.134 |
| linux | linux_kernel | >= 0 < 5.4.0-64.72 | 5.4.0-64.72 |
| linux | linux_kernel | >= 0 < 5.4.0-60.67 | 5.4.0-60.67 |
| nvidia | gpu_driver | >= 390 < 390.141 | 390.141 |
| nvidia | gpu_driver | >= 450 < 450.102.04 | 450.102.04 |
| nvidia | gpu_driver | >= 460 < 460.32.03 | 460.32.03 |
| nvidia | nvidia_gpu_display_driver | — | — |
CVSS provenance
nvdv3.17.1HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
osv7.8HIGH