Source: nvidia-graphics-drivers Severity: serious Tags: security upstream Control: clone -1 -2 -3 -4 -5 -6 Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE‑2021‑1056 Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE‑2021‑1056 Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE‑2021‑1056 Control: reassign -5 src:nvidia-graphics-drivers-tesla-440 Control: retitle -5 nvidia-graphics-drivers-tesla-440: CVE‑2021‑1056 Control: reassign -6 src:nvidia-graphics-drivers-tesla-450 Control: retitle -6 nvidia-graphics-drivers-tesla-450: CVE‑2021‑1052, CVE‑2021‑1053, CVE‑2021‑1056 Control: found -1 340.24-1 Control: found -1 343.22-1 Control: found -1 396.18-1 Control: found -1 430.14-1 Control: found -1 450.51-1 Control: found -1 455.23.04-1
https://nvidia.custhelp.com/app/answers/detail/a_id/5142 CVE‑2021‑1052 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure. CVE‑2021‑1053 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service. CVE‑2021‑1056 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure. CVE‑2021‑1052 and CVE‑2021‑1053 affect R460 and R450 driver branches only. Andreas
