CVE-2021-1056
Published: 07 January 2021
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.
From the Ubuntu security team
Xinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux kernel did not properly restrict device-level GPU isolation. A local attacker could use this to cause a denial of service or possibly expose sensitive information.
Priority
Medium
Status
| Package | Release | Status |
|---|---|---|
|
nvidia-graphics-drivers-390 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 21.04 (Hirsute Hippo) |
Released
(390.141-0ubuntu1)
|
|
| Ubuntu 20.10 (Groovy Gorilla) |
Released
(390.141-0ubuntu0.20.10.1)
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Released
(390.141-0ubuntu0.20.04.1)
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Released
(390.141-0ubuntu0.18.04.1)
|
|
| Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
|
nvidia-graphics-drivers-418-server Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 21.04 (Hirsute Hippo) |
Pending
(418.181.07-0ubuntu1)
|
|
| Ubuntu 20.10 (Groovy Gorilla) |
Released
(418.181.07-0ubuntu0.20.10.1)
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Released
(418.181.07-0ubuntu0.20.04.1)
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Released
(418.181.07-0ubuntu0.18.04.1)
|
|
| Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
|
nvidia-graphics-drivers-440-server Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 21.04 (Hirsute Hippo) |
Not vulnerable
(superseded)
|
|
| Ubuntu 20.10 (Groovy Gorilla) |
Not vulnerable
(superseded)
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Not vulnerable
(superseded)
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Not vulnerable
(superseded)
|
|
| Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
|
nvidia-graphics-drivers-450 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 21.04 (Hirsute Hippo) |
Released
(450.102.04-0ubuntu1)
|
|
| Ubuntu 20.10 (Groovy Gorilla) |
Released
(450.102.04-0ubuntu0.20.10.1)
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Released
(450.102.04-0ubuntu0.20.04.1)
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Released
(450.102.04-0ubuntu0.18.04.1)
|
|
| Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
|
nvidia-graphics-drivers-450-server Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 21.04 (Hirsute Hippo) |
Pending
(450.102.04-0ubuntu1)
|
|
| Ubuntu 20.10 (Groovy Gorilla) |
Released
(450.102.04-0ubuntu0.20.10.1)
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Released
(450.102.04-0ubuntu0.20.04.1)
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Released
(450.102.04-0ubuntu0.18.04.1)
|
|
| Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
|
nvidia-graphics-drivers-455 Launchpad, Ubuntu, Debian |
Upstream |
Ignored
|
| Ubuntu 21.04 (Hirsute Hippo) |
Ignored
(not available)
|
|
| Ubuntu 20.10 (Groovy Gorilla) |
Ignored
(not available)
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Ignored
(not available)
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Ignored
(not available)
|
|
| Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
|
nvidia-graphics-drivers-460 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 21.04 (Hirsute Hippo) |
Released
(460.32.03-0ubuntu1)
|
|
| Ubuntu 20.10 (Groovy Gorilla) |
Released
(460.32.03-0ubuntu0.20.10.1)
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Released
(460.32.03-0ubuntu0.20.04.1)
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Released
(460.32.03-0ubuntu0.18.04.1)
|
|
| Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
Notes
| Author | Note |
|---|---|
| amurray | CVE-2021-1052, CVE-2021-1053, and CVE-2021-1056 affect the following NVIDIA driver series: 450, 455, 418-server, 440-server, 450-server |
| sbeattie | NVIDIA series 455 are superseded by the 460 series. |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1056
- https://nvidia.custhelp.com/app/answers/detail/a_id/5142
- https://usn.ubuntu.com/usn/usn-4689-1
- https://usn.ubuntu.com/usn/usn-4689-2
- NVD
- Launchpad
- Debian