NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.
References
| Link | Resource |
|---|---|
| https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html | Mailing List Third Party Advisory |
| https://nvidia.custhelp.com/app/answers/detail/a_id/5142 | Vendor Advisory |
| https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Configurations
History
13 Oct 2023, 01:34
| Type | Values Removed | Values Added |
|---|---|---|
| References | (GENTOO) https://security.gentoo.org/glsa/202310-02 - Third Party Advisory |
03 Oct 2023, 15:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Information
Published : 2021-01-08 01:15
Updated : 2024-02-28 18:08
NVD link : CVE-2021-1056
Mitre link : CVE-2021-1056
CVE.ORG link : CVE-2021-1056
JSON object : View
Products Affected
nvidia
- gpu_driver
linux
- linux_kernel
debian
- debian_linux
CWE
CWE-276
Incorrect Default Permissions