==========================================================================
Ubuntu Security Notice USN-4689-1
January 11, 2021
nvidia-graphics-drivers-390, nvidia-graphics-drivers-450,
nvidia-graphics-drivers-460 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 20.10
– Ubuntu 20.04 LTS
– Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in NVIDIA graphics drivers.
Software Description:
– nvidia-graphics-drivers-390: NVIDIA binary X.Org driver
– nvidia-graphics-drivers-450: NVIDIA binary X.Org driver
– nvidia-graphics-drivers-460: NVIDIA binary X.Org driver
Details:
It was discovered that the NVIDIA GPU display driver for the Linux kernel
contained a vulnerability that allowed user-mode clients to access legacy
privileged APIs. A local attacker could use this to cause a denial of
service or escalate privileges. (CVE-2021-1052)
It was discovered that the NVIDIA GPU display driver for the Linux kernel
did not properly validate a pointer received from userspace in some
situations. A local attacker could use this to cause a denial of service.
(CVE-2021-1053)
Xinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux
kernel did not properly restrict device-level GPU isolation. A local
attacker could use this to cause a denial of service or possibly expose
sensitive information. (CVE-2021-1056)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.10:
xserver-xorg-video-nvidia-390 390.141-0ubuntu0.20.10.1
xserver-xorg-video-nvidia-440 450.102.04-0ubuntu0.20.10.1
xserver-xorg-video-nvidia-450 450.102.04-0ubuntu0.20.10.1
xserver-xorg-video-nvidia-455 460.32.03-0ubuntu0.20.10.1
xserver-xorg-video-nvidia-460 460.32.03-0ubuntu0.20.10.1
Ubuntu 20.04 LTS:
xserver-xorg-video-nvidia-390 390.141-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-440 450.102.04-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-450 450.102.04-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-455 460.32.03-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-460 460.32.03-0ubuntu0.20.04.1
Ubuntu 18.04 LTS:
xserver-xorg-video-nvidia-390 390.141-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-440 450.102.04-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-450 450.102.04-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-455 460.32.03-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-460 460.32.03-0ubuntu0.18.04.1
This update uses a new upstream release, which includes additional
bug fixes. After a standard system update you need to reboot your
computer to make all the necessary changes.
References:
https://usn.ubuntu.com/4689-1
CVE-2021-1052, CVE-2021-1053, CVE-2021-1056
Package Information:
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.141-0ubuntu0.20.10.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-450/450.102.04-0ubuntu0.20.10.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-460/460.32.03-0ubuntu0.20.10.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.141-0ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-450/450.102.04-0ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-460/460.32.03-0ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.141-0ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-450/450.102.04-0ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-460/460.32.03-0ubuntu0.18.04.1
—–BEGIN PGP SIGNATURE—–
iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAl/8vwYACgkQLwmejQBe
gfQp9A//RSfeI5F0pFrk3l9IuTnXaHUnSR/jPhwMi8lrC4i2HFA9N1k02GTusAWt
ty+gOqMCpo3KWpG5B/QTDjMDPr9cHJGK+diEaXWOoq2wMvJpnupR9NuRqUvWov6t
ND6Inm+iEHr+u2OcT9PGkw5IUUVLdHMmnMAr/nxfR5U8zdOau8trjOzP2Bg6+W06
kSrfuU32Q01aAI9eoD2vwBTH7Bbjet/eqLh1mioZ9bwpAxSTCS1PfwSXuvHZm0xZ
czuYJSSHfOAhSB19xTqYNoON8yTI2+NnF2WHKtvWY6moJYeK4cEKcCkHsrVd1Edb
F+/uiwdHnHHuXSDS0yw+bzjyW2obQTMbVGjIHW/v7Ru/bSTVLAW+pn8gF7q4ZQ8U
rVj8Lxd+mdOAikIJOumKBYrLvX5V5Yah5GoM8LKhxjB7xuHsrShQfj2WsgzmCfv0
y8xDwOMJ1LGvPFLtFf5B9S4xfP8PWjDLYVHfaBRmkbSvws7rONZHMRypRiLjOLpX
IJRcn9Xp4+bN1VWUjWLLsb1c3kzduSEPsAk89YBTYge6nE+wfRnMQoBuSRi4P+Yv
En5VhbLckSPSotQKk2RbVc+Q7ODbZxhBe/1TqD8iPf/lWlsxXja9Tc505Shn7dc7
NQap5iQ7CjMmGeodaLIw9ayGdbF+YLot8b6aUVR6I1kITHiu3g8=
=Vh+2
—–END PGP SIGNATURE—–
—