ALT Linux Team

Package kernel-modules-nvidia-std-def update in sisyphus on 2018-11-12

ALT-PU-2018-3700-1

Package kernel-modules-nvidia-std-def updated to version 410.73-alt2.265808.1 for branch sisyphus in task 215952.

Closed vulnerabilities

Published: 2021-03-30
Modified: 2021-08-20

BDU:2021-01716

Уязвимость графического драйвера GPU Display Driver, связанная с небезопасным управлением привилегиями, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Severity: HIGH (7.2)Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
References:
Published: 2021-03-30
Modified: 2021-08-20

BDU:2021-01761

Уязвимость графического драйвера GPU Display Driver, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю вызвать отказ в обслуживании

Severity: LOW (2.1)Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
References:
Published: 2021-01-08
Modified: 2024-11-21

CVE-2021-1051

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a local user can get elevated privileges to modify display configuration data, which may result in denial of service of the display.

Severity: MEDIUM (6.6)Vector: AV:L/AC:L/Au:N/C:N/I:C/A:C
Severity: HIGH (8.4)Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
References:
Published: 2021-01-08
Modified: 2024-11-21

CVE-2021-1052

NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure.

Severity: HIGH (7.2)Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Severity: HIGH (7.8)Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2021-01-08
Modified: 2024-11-21

CVE-2021-1053

NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service.

Severity: LOW (2.1)Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Severity: MEDIUM (5.5)Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-01-08
Modified: 2024-11-21

CVE-2021-1054

NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action, which may lead to denial of service.

Severity: LOW (2.1)Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Severity: MEDIUM (5.5)Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-01-08
Modified: 2024-11-21

CVE-2021-1055

NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which improper access control may lead to denial of service and information disclosure.

Severity: MEDIUM (4.6)Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Severity: MEDIUM (5.3)Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
References:
Published: 2021-01-08
Modified: 2024-11-21

CVE-2021-1056

NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.

Severity: LOW (3.6)Vector: AV:L/AC:L/Au:N/C:P/I:N/A:P
Severity: HIGH (7.1)Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
References:
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: 2.1.2
Back to top