CVE-2021-1052
Published: 7 January 2021
NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure.
From the Ubuntu Security Team
It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges.
Notes
| Author | Note |
|---|---|
| alexmurray | CVE-2021-1052 and CVE-2021-1053 affect the following NVIDIA driver series: 450, 455, 418-server, 440-server, 450-server |
| sbeattie | Does not affect 390 series drivers |
| sbeattie | NVIDIA series 455 are superseded by series 460 NVIDIA series 440-server are superseded by series 450 |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
nvidia-graphics-drivers-390 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
| focal |
Not vulnerable
|
|
| groovy |
Not vulnerable
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Does not exist
|
|
|
nvidia-graphics-drivers-418-server Launchpad, Ubuntu, Debian |
bionic |
Released
(418.181.07-0ubuntu0.18.04.1)
|
| focal |
Released
(418.181.07-0ubuntu0.20.04.1)
|
|
| groovy |
Released
(418.181.07-0ubuntu0.20.10.1)
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Does not exist
|
|
|
nvidia-graphics-drivers-440-server Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by 450-server)
|
| focal |
Ignored
(superseded by 450-server)
|
|
| groovy |
Ignored
(superseded by 450-server)
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Does not exist
|
|
|
nvidia-graphics-drivers-450 Launchpad, Ubuntu, Debian |
bionic |
Released
(450.102.04-0ubuntu0.18.04.1)
|
| focal |
Released
(450.102.04-0ubuntu0.20.04.1)
|
|
| groovy |
Released
(450.102.04-0ubuntu0.20.10.1)
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Does not exist
|
|
|
nvidia-graphics-drivers-450-server Launchpad, Ubuntu, Debian |
bionic |
Released
(450.102.04-0ubuntu0.18.04.1)
|
| focal |
Released
(450.102.04-0ubuntu0.20.04.1)
|
|
| groovy |
Released
(450.102.04-0ubuntu0.20.10.1)
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Does not exist
|
|
|
nvidia-graphics-drivers-455 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(not available)
|
| focal |
Ignored
(not available)
|
|
| groovy |
Ignored
(not available)
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
|
|
| xenial |
Does not exist
|
|
|
nvidia-graphics-drivers-460 Launchpad, Ubuntu, Debian |
bionic |
Released
(460.32.03-0ubuntu0.18.04.1)
|
| focal |
Released
(460.32.03-0ubuntu0.20.04.1)
|
|
| groovy |
Released
(460.32.03-0ubuntu0.20.10.1)
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Does not exist
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.8 |
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |