USN-5019-1: NVIDIA graphics drivers vulnerabilities

21 July 2021

Several security issues were fixed in the NVIDIA graphics drivers.

Releases

Packages

Details

It was discovered that an assert() could be triggered in the NVIDIA
graphics drivers. A local attacker could use this to cause a denial
of service. (CVE-2021-1093)

It was discovered that the NVIDIA graphics drivers permitted an
out-of-bounds array access. A local attacker could use this
to cause a denial of service or possibly expose sensitive
information. (CVE-2021-1094)

It was discovered that the NVIDIA graphics drivers contained a
vulnerability in the kernel mode layer where they did not properly
control calls with embedded parameters in some situations. A local
attacker could use this to cause a denial of service. (CVE-2021-1095)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 21.04
Ubuntu 20.10
Ubuntu 20.04
Ubuntu 18.04

After a standard system update you need to reboot your computer to make
all the necessary changes.