USN-4404-1: NVIDIA graphics drivers vulnerabilities

USN-4404-1: NVIDIA graphics drivers vulnerabilities

nvidia-graphics-drivers-390, nvidia-graphics-drivers-440 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 20.04 LTS
  • Ubuntu 19.10
  • Ubuntu 18.04 LTS

Summary

Several security issues were fixed in NVIDIA graphics drivers.

Software Description

  • nvidia-graphics-drivers-390 – NVIDIA binary X.Org driver
  • nvidia-graphics-drivers-440 – NVIDIA binary X.Org driver

Details

Thomas E. Carroll discovered that the NVIDIA Cuda grpahics driver did not
properly perform access control when performing IPC. An attacker could use
this to cause a denial of service or possibly execute arbitrary code.
(CVE-2020-5963)

It was discovered that the UVM driver in the NVIDIA graphics driver
contained a race condition. A local attacker could use this to cause a
denial of service. (CVE-2020-5967)

It was discovered that the NVIDIA virtual GPU guest drivers contained
an unspecified vulnerability that could potentially lead to privileged
operation execution. An attacker could use this to cause a denial of
service. (CVE-2020-5973)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS
xserver-xorg-video-nvidia-390390.138-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-440440.100-0ubuntu0.20.04.1
Ubuntu 19.10
xserver-xorg-video-nvidia-390390.138-0ubuntu0.19.10.1
xserver-xorg-video-nvidia-440440.100-0ubuntu0.19.10.1
Ubuntu 18.04 LTS
xserver-xorg-video-nvidia-390390.138-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-440440.100-0ubuntu0.18.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

Source: USN-4404-1: NVIDIA graphics drivers vulnerabilities

About KENNETH 13404 Articles
지락문화예술공작단

Be the first to comment

Leave a Reply

Your email address will not be published.


*


이 사이트는 스팸을 줄이는 아키스밋을 사용합니다. 댓글이 어떻게 처리되는지 알아보십시오.