USN-4404-1: NVIDIA graphics drivers vulnerabilities
25 June 2020
Several security issues were fixed in NVIDIA graphics drivers.
- nvidia-graphics-drivers-390 - NVIDIA binary X.Org driver
- nvidia-graphics-drivers-440 - NVIDIA binary X.Org driver
Thomas E. Carroll discovered that the NVIDIA Cuda grpahics driver did not
properly perform access control when performing IPC. An attacker could use
this to cause a denial of service or possibly execute arbitrary code.
It was discovered that the UVM driver in the NVIDIA graphics driver
contained a race condition. A local attacker could use this to cause a
denial of service. (CVE-2020-5967)
It was discovered that the NVIDIA virtual GPU guest drivers contained
an unspecified vulnerability that could potentially lead to privileged
operation execution. An attacker could use this to cause a denial of
The problem can be corrected by updating your system to the following package versions:
- xserver-xorg-video-nvidia-390 - 390.138-0ubuntu0.20.04.1
- xserver-xorg-video-nvidia-440 - 440.100-0ubuntu0.20.04.1
- xserver-xorg-video-nvidia-390 - 390.138-0ubuntu0.19.10.1
- xserver-xorg-video-nvidia-440 - 440.100-0ubuntu0.19.10.1
- xserver-xorg-video-nvidia-390 - 390.138-0ubuntu0.18.04.1
- xserver-xorg-video-nvidia-440 - 440.100-0ubuntu0.18.04.1
After a standard system update you need to reboot your computer to make
all the necessary changes.