NVIDIA has released a software security update for NVIDIA® GPU Display Driver. This update addresses issues that may lead to denial of service, escalation of privileges, data tampering, or information disclosure. To protect your system, download and install this software update from the [NVIDIA Driver Downloads](<https://www.nvidia.com/Download/index.aspx>) page or, for the vGPU software update, from the NVIDIA Licensing Portal. Go to [NVIDIA Product Security.](<https://www.nvidia.com/security/>)
### Details
This section provides a summary of potential vulnerabilities and their impact that this security update addresses. Descriptions use [CWE™](<https://cwe.mitre.org/>), and base scores and vectors use [CVSS](<https://www.first.org/cvss/user-guide>) v3.1 standards.
#### NVIDIA GPU Display Driver
**CVE IDs** | **Description** | **Base Score** | **Vector**
---|---|---|---
CVE‑2021‑1051 | NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (`nvlddmkm.sys`) handler for DxgkDdiEscape in which a local user can get elevated privileges to modify display configuration data, which may result in denial of service of the display. | 8.4 | [AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H>)
CVE‑2021‑1052 | NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (`nvlddmkm.sys`) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>)
CVE‑2021‑1053 | NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (`nvlddmkm.sys`) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service. | 6.6 | [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H>)
CVE‑2021‑1054 | NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (`nvlddmkm.sys`) handler for DxgkDdiEscape in which the software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action, which may lead to denial of service. | 6.5 | [AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H>)
CVE‑2021‑1055 | NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (`nvlddmkm.sys`) handler for DxgkDdiEscape in which improper access control may lead to denial of service and information disclosure. | 5.3 | [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L>)
CVE‑2021‑1056 | NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (`nvidia.ko`) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure. | 5.3 | [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L>)
#### NVIDIA vGPU Software
NVIDIA vGPU Software **CVE IDs** | **Description** | **Base Score** | **Vector**
---|---|---|---
CVE‑2021‑1057 | NVIDIA vGPU manager contains a vulnerability in the vGPU plugin in which it allows guests to allocate some resources for which the guest is not authorized, which may lead to integrity and confidentiality loss, denial of service, or information disclosure. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>)
CVE‑2021‑1058 | NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input data size is not validated, which may lead to tampering of data or denial of service. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>)
CVE‑2021‑1059 | NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input index is not validated, which may lead to integer overflow, which in turn may cause tampering of data, information disclosure, or denial of service. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>)
CVE‑2021‑1060 | NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input index is not validated, which may lead to tampering of data or denial of service. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>)
CVE‑2021‑1061 | NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which a race condition may cause the vGPU plugin to continue using a previously validated resource that has since changed, which may lead to denial of service or information disclosure. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>)
CVE‑2021‑1062 | NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering of data or denial of service. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>)
CVE‑2021‑1063 | NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input offset is not validated, which may lead to a buffer overread, which in turn may cause tampering of data, information disclosure, or denial of service. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>)
CVE‑2021‑1064 | NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which it obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer, which may lead to information disclosure or denial of service. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>)
CVE‑2021‑1065 | NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not validated, which may lead to tampering of data or denial of service. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>)
CVE‑2021‑1066 | NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not validated, which may lead to unexpected consumption of resources, which in turn may lead to denial of service. | 5.5 |
[AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H>)
The NVIDIA risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk to your local installation. NVIDIA recommends consulting a security or IT professional to evaluate the risk to your specific configuration.
### Security Updates for NVIDIA GPU Display Driver
The following table lists the NVIDIA software products affected, versions affected, and the updated version available from nvidia.com that includes this security update. Download the updates from the [NVIDIA Driver Downloads](<https://www.nvidia.com/Download/index.aspx>) page.
#### Windows
**CVE IDs Addressed** | **Software Product** | **Operating System** | **Driver Branch** | **Affected Versions** | **Updated Driver Version**
---|---|---|---|---|---
CVE‑2021‑1051 CVE‑2021‑1052 CVE‑2021‑1053 CVE‑2021‑1054 CVE‑2021‑1055 | GeForce | Windows | R460 | All versions prior to 461.09 | 461.09
NVIDIA RTX/Quadro, NVS | Windows | R460 | All versions prior to 461.09 | 461.09
R450 | All versions prior to 452.77 | 452.77
R390 | All versions prior to 392.63 | 392.63
Tesla | Windows | R460 | All versions prior to 461.09 | 461.09
R450 | All versions prior to 452.77 | 452.77
R418 | All versions prior to 427.11 | 427.11
#### Linux
**CVE IDs Addressed** | **Software Product** | **Operating System** | **Driver Branch** | **Affected Versions** | **Updated Driver Version**
---|---|---|---|---|---
CVE‑2021‑1052 CVE‑2021‑1053 | GeForce | Linux | R460 | All versions prior to 460.32.03 | 460.32.03
R450 | All versions prior to 450.102.04 | 450.102.04
NVIDIA RTX/Quadro, NVS | Linux | R460 | All versions prior to 460.32.03 | 460.32.03
R450 | All versions prior to 450.102.04 | 450.102.04
Tesla | Linux | R460 | All versions prior to 460.32.03 | 460.32.03
R450 | All versions prior to 450.102.04 | 450.102.04
CVE‑2021‑1056 | GeForce | Linux | R460 | All versions prior to 460.32.03 | 460.32.03
R450 | All versions prior to 450.102.04 | 450.102.04
NVIDIA RTX/Quadro, NVS | Linux | R460 | All versions prior to 460.32.03 | 460.32.03
R450 | All versions prior to 450.102.04 | 450.102.04
R390 | All version prior to 390.141 | 390.141
Tesla | Linux | R460 | All versions prior to 460.32.03 | 460.32.03
R450 | All versions prior to 450.102.04 | 450.102.04
R418 | All versions prior to 418.181.07 | 418.181.07
#### **Notes**
* Your computer hardware vendor may provide you with Windows GPU display driver versions including 460.84, 457.49, and 452.66, which also contain the security updates.
* CVE‑2021‑1052 and CVE‑2021‑1053 affect only R460 and R450 driver branches for Windows and Linux.
* The tables above may not be a comprehensive list of all affected supported versions or branch releases and may be updated as more information becomes available.
* Earlier software branch releases that support these products are also affected. If you are using an earlier branch release, upgrade to the latest branch release.
### Security Updates for NVIDIA vGPU Software
The following table lists the NVIDIA software products affected, versions affected, and the updated version that includes this security update. Log in to the[ NVIDIA Enterprise Application Hub](<https://nvid.nvidia.com/dashboard/>) to download updates from the NVIDIA Licensing Portal.
**CVE IDs Addressed** | **vGPU Software Component** | **Operating System** | **Affected Versions** | **Updated Version**
---|---|---|---|---
**vGPU Software** | **Driver** | **vGPU Software** | **Driver**
CVE‑2021‑1051 CVE‑2021‑1052 CVE‑2021‑1053 CVE‑2021‑1054 CVE‑2021‑1055 CVE‑2021‑1058 CVE‑2021‑1060 | vGPU software (guest driver) | Windows | All versions prior to 11.3 | All versions prior to 452.77 | 11.3 | 452.77
All versions prior to 8.6 | All versions prior to 427.11 | 8.6 |
427.11
CVE‑2021‑1052 CVE‑2021‑1053 CVE‑2021‑1056 CVE‑2021‑1058 CVE‑2021‑1060 | vGPU software (guest driver) | Linux | All versions prior to 11.3 | All versions prior to 450.102.04 | 11.3 | 450.102.04
All versions prior to 8.6 | All versions prior to 418.181.07 | 8.6 | 418.181.07
CVE‑2021‑1057 CVE‑2021‑1058 CVE‑2021‑1059 CVE‑2021‑1060 CVE‑2021‑1061 CVE‑2021‑1062 CVE‑2021‑1063 CVE‑2021‑1064 CVE‑2021‑1065 CVE‑2021‑1066 | vGPU software (Virtual GPU Manager) | Citrix Hypervisor, VMware vSphere, Red Hat Enterprise Linux KVM, Nutanix AHV | All versions prior to 11.3 | All versions prior to 450.102 | 11.3 | 450.102
All versions prior to 8.6 | All versions prior to 418.181 | 8.6 | 418.181
**Notes:**
* The table above may not be a comprehensive list of all affected supported versions or branch releases and may be updated as more information becomes available.
* Earlier software branch releases that support these products are also affected. If you are using an earlier branch release, upgrade to the latest vGPU software branch release, namely, 11.3.
### Mitigations
See Security Updates for NVIDIA GPU Display Driver or Security Updates for NVIDIA vGPU Software for the version to install.
### Acknowledgements
NVIDIA thanks Xinyuan Lyu of Intelligent Mobile Systems Group, MOE KLINNS Lab, Xi'an Jiaotong University for reporting CVE‑2021‑1056.
Issues CVE‑2021‑1057, CVE‑2021‑1058, CVE-2021-1059, and CVE‑2021‑1062 were discovered by the NVIDIA Product Security Team.
{"id": "NVIDIA:5142", "vendorId": null, "type": "nvidia", "bulletinFamily": "software", "title": "Security Bulletin: NVIDIA GPU Display Driver - January 2021", "description": "NVIDIA has released a software security update for NVIDIA\u00ae GPU Display Driver. This update addresses issues that may lead to denial of service, escalation of privileges, data tampering, or information disclosure. To protect your system, download and install this software update from the [NVIDIA Driver Downloads](<https://www.nvidia.com/Download/index.aspx>) page or, for the vGPU software update, from the NVIDIA Licensing Portal. Go to [NVIDIA Product Security.](<https://www.nvidia.com/security/>)\n\n### Details\n\nThis section provides a summary of potential vulnerabilities and their impact that this security update addresses. Descriptions use [CWE\u2122](<https://cwe.mitre.org/>), and base scores and vectors use [CVSS](<https://www.first.org/cvss/user-guide>) v3.1 standards.\n\n#### NVIDIA GPU Display Driver\n\n**CVE IDs** | **Description** | **Base Score** | **Vector** \n---|---|---|--- \nCVE\u20112021\u20111051 | NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (`nvlddmkm.sys`) handler for DxgkDdiEscape in which a local user can get elevated privileges to modify display configuration data, which may result in denial of service of the display. | 8.4 | [AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H>) \nCVE\u20112021\u20111052 | NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (`nvlddmkm.sys`) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>) \nCVE\u20112021\u20111053 | NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (`nvlddmkm.sys`) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service. | 6.6 | [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H>) \nCVE\u20112021\u20111054 | NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (`nvlddmkm.sys`) handler for DxgkDdiEscape in which the software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action, which may lead to denial of service. | 6.5 | [AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H>) \nCVE\u20112021\u20111055 | NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (`nvlddmkm.sys`) handler for DxgkDdiEscape in which improper access control may lead to denial of service and information disclosure. | 5.3 | [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L>) \nCVE\u20112021\u20111056 | NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (`nvidia.ko`) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure. | 5.3 | [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L>) \n \n#### NVIDIA vGPU Software\n\nNVIDIA vGPU Software **CVE IDs** | **Description** | **Base Score** | **Vector** \n---|---|---|--- \nCVE\u20112021\u20111057 | NVIDIA vGPU manager contains a vulnerability in the vGPU plugin in which it allows guests to allocate some resources for which the guest is not authorized, which may lead to integrity and confidentiality loss, denial of service, or information disclosure. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>) \nCVE\u20112021\u20111058 | NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input data size is not validated, which may lead to tampering of data or denial of service. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>) \nCVE\u20112021\u20111059 | NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input index is not validated, which may lead to integer overflow, which in turn may cause tampering of data, information disclosure, or denial of service. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>) \nCVE\u20112021\u20111060 | NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input index is not validated, which may lead to tampering of data or denial of service. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>) \nCVE\u20112021\u20111061 | NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which a race condition may cause the vGPU plugin to continue using a previously validated resource that has since changed, which may lead to denial of service or information disclosure. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>) \nCVE\u20112021\u20111062 | NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering of data or denial of service. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>) \nCVE\u20112021\u20111063 | NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input offset is not validated, which may lead to a buffer overread, which in turn may cause tampering of data, information disclosure, or denial of service. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>) \nCVE\u20112021\u20111064 | NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which it obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer, which may lead to information disclosure or denial of service. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>) \nCVE\u20112021\u20111065 | NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not validated, which may lead to tampering of data or denial of service. | 7.8 | [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H>) \nCVE\u20112021\u20111066 | NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not validated, which may lead to unexpected consumption of resources, which in turn may lead to denial of service. | 5.5 | \n\n[AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H>) \n \nThe NVIDIA risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk to your local installation. NVIDIA recommends consulting a security or IT professional to evaluate the risk to your specific configuration.\n\n### Security Updates for NVIDIA GPU Display Driver\n\nThe following table lists the NVIDIA software products affected, versions affected, and the updated version available from nvidia.com that includes this security update. Download the updates from the [NVIDIA Driver Downloads](<https://www.nvidia.com/Download/index.aspx>) page.\n\n#### Windows\n\n**CVE IDs Addressed** | **Software Product** | **Operating System** | **Driver Branch** | **Affected Versions** | **Updated Driver Version** \n---|---|---|---|---|--- \nCVE\u20112021\u20111051 CVE\u20112021\u20111052 CVE\u20112021\u20111053 CVE\u20112021\u20111054 CVE\u20112021\u20111055 | GeForce | Windows | R460 | All versions prior to 461.09 | 461.09 \nNVIDIA RTX/Quadro, NVS | Windows | R460 | All versions prior to 461.09 | 461.09 \nR450 | All versions prior to 452.77 | 452.77 \nR390 | All versions prior to 392.63 | 392.63 \nTesla | Windows | R460 | All versions prior to 461.09 | 461.09 \nR450 | All versions prior to 452.77 | 452.77 \nR418 | All versions prior to 427.11 | 427.11 \n \n#### Linux\n\n**CVE IDs Addressed** | **Software Product** | **Operating System** | **Driver Branch** | **Affected Versions** | **Updated Driver Version** \n---|---|---|---|---|--- \nCVE\u20112021\u20111052 CVE\u20112021\u20111053 | GeForce | Linux | R460 | All versions prior to 460.32.03 | 460.32.03 \nR450 | All versions prior to 450.102.04 | 450.102.04 \nNVIDIA RTX/Quadro, NVS | Linux | R460 | All versions prior to 460.32.03 | 460.32.03 \nR450 | All versions prior to 450.102.04 | 450.102.04 \nTesla | Linux | R460 | All versions prior to 460.32.03 | 460.32.03 \nR450 | All versions prior to 450.102.04 | 450.102.04 \nCVE\u20112021\u20111056 | GeForce | Linux | R460 | All versions prior to 460.32.03 | 460.32.03 \nR450 | All versions prior to 450.102.04 | 450.102.04 \nNVIDIA RTX/Quadro, NVS | Linux | R460 | All versions prior to 460.32.03 | 460.32.03 \nR450 | All versions prior to 450.102.04 | 450.102.04 \nR390 | All version prior to 390.141 | 390.141 \nTesla | Linux | R460 | All versions prior to 460.32.03 | 460.32.03 \nR450 | All versions prior to 450.102.04 | 450.102.04 \nR418 | All versions prior to 418.181.07 | 418.181.07 \n \n#### **Notes**\n\n * Your computer hardware vendor may provide you with Windows GPU display driver versions including 460.84, 457.49, and 452.66, which also contain the security updates.\n\n * CVE\u20112021\u20111052 and CVE\u20112021\u20111053 affect only R460 and R450 driver branches for Windows and Linux.\n\n * The tables above may not be a comprehensive list of all affected supported versions or branch releases and may be updated as more information becomes available.\n\n * Earlier software branch releases that support these products are also affected. If you are using an earlier branch release, upgrade to the latest branch release.\n\n### Security Updates for NVIDIA vGPU Software\n\nThe following table lists the NVIDIA software products affected, versions affected, and the updated version that includes this security update. Log in to the[ NVIDIA Enterprise Application Hub](<https://nvid.nvidia.com/dashboard/>) to download updates from the NVIDIA Licensing Portal.\n\n**CVE IDs Addressed** | **vGPU Software Component** | **Operating System** | **Affected Versions** | **Updated Version** \n---|---|---|---|--- \n**vGPU Software** | **Driver** | **vGPU Software** | **Driver** \nCVE\u20112021\u20111051 CVE\u20112021\u20111052 CVE\u20112021\u20111053 CVE\u20112021\u20111054 CVE\u20112021\u20111055 CVE\u20112021\u20111058 CVE\u20112021\u20111060 | vGPU software (guest driver) | Windows | All versions prior to 11.3 | All versions prior to 452.77 | 11.3 | 452.77 \nAll versions prior to 8.6 | All versions prior to 427.11 | 8.6 | \n\n427.11 \n \nCVE\u20112021\u20111052 CVE\u20112021\u20111053 CVE\u20112021\u20111056 CVE\u20112021\u20111058 CVE\u20112021\u20111060 | vGPU software (guest driver) | Linux | All versions prior to 11.3 | All versions prior to 450.102.04 | 11.3 | 450.102.04 \nAll versions prior to 8.6 | All versions prior to 418.181.07 | 8.6 | 418.181.07 \nCVE\u20112021\u20111057 CVE\u20112021\u20111058 CVE\u20112021\u20111059 CVE\u20112021\u20111060 CVE\u20112021\u20111061 CVE\u20112021\u20111062 CVE\u20112021\u20111063 CVE\u20112021\u20111064 CVE\u20112021\u20111065 CVE\u20112021\u20111066 | vGPU software (Virtual GPU Manager) | Citrix Hypervisor, VMware vSphere, Red Hat Enterprise Linux KVM, Nutanix AHV | All versions prior to 11.3 | All versions prior to 450.102 | 11.3 | 450.102 \nAll versions prior to 8.6 | All versions prior to 418.181 | 8.6 | 418.181 \n \n**Notes:**\n\n * The table above may not be a comprehensive list of all affected supported versions or branch releases and may be updated as more information becomes available.\n\n * Earlier software branch releases that support these products are also affected. If you are using an earlier branch release, upgrade to the latest vGPU software branch release, namely, 11.3.\n\n### Mitigations\n\nSee Security Updates for NVIDIA GPU Display Driver or Security Updates for NVIDIA vGPU Software for the version to install.\n\n### Acknowledgements\n\nNVIDIA thanks Xinyuan Lyu of Intelligent Mobile Systems Group, MOE KLINNS Lab, Xi'an Jiaotong University for reporting CVE\u20112021\u20111056.\n\nIssues CVE\u20112021\u20111057, CVE\u20112021\u20111058, CVE-2021-1059, and CVE\u20112021\u20111062 were discovered by the NVIDIA Product Security Team.\n", "published": "2021-01-07T00:00:00", "modified": "2021-06-23T00:00:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 7.2}, "severity": "HIGH", "exploitabilityScore": 3.9, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH"}, "exploitabilityScore": 2.0, "impactScore": 5.8}, "href": "https://nvidia.custhelp.com/app/answers/detail/a_id/5142", "reporter": "Nvidia", "references": [], "cvelist": ["CVE-2021-1051", "CVE-2021-1052", "CVE-2021-1053", "CVE-2021-1054", "CVE-2021-1055", "CVE-2021-1056", "CVE-2021-1057", "CVE-2021-1058", "CVE-2021-1059", "CVE-2021-1060", "CVE-2021-1061", "CVE-2021-1062", "CVE-2021-1063", "CVE-2021-1064", "CVE-2021-1065", "CVE-2021-1066"], "immutableFields": [], "lastseen": "2022-08-05T18:06:22", "viewCount": 80, "enchantments": {"dependencies": {"references": [{"type": "archlinux", "idList": ["ASA-202101-19"]}, {"type": "cve", "idList": ["CVE-2021-1051", "CVE-2021-1052", "CVE-2021-1053", "CVE-2021-1054", "CVE-2021-1055", "CVE-2021-1056", "CVE-2021-1057", "CVE-2021-1058", "CVE-2021-1059", "CVE-2021-1060", "CVE-2021-1061", "CVE-2021-1062", "CVE-2021-1063", "CVE-2021-1064", "CVE-2021-1065", "CVE-2021-1066"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2888-1:26FED"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-1052", "DEBIANCVE:CVE-2021-1053", "DEBIANCVE:CVE-2021-1056"]}, {"type": "githubexploit", "idList": ["39050851-608A-577F-92C6-C74F6B3F9276"]}, {"type": "hp", "idList": ["HP:C06993751"]}, {"type": "lenovo", "idList": ["LENOVO:PS500388-NVIDIA-GPU-DISPLAY-DRIVER-JANUARY-2021-SECURITY-BULLETIN-NOSID"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-2888.NASL", "NVIDIA_UNIX_2021_01.NASL", "NVIDIA_UNIX_2021_01_CVE-2021-1056.NASL", "NVIDIA_WIN_2021_01.NASL", "UBUNTU_USN-4689-1.NASL", "UBUNTU_USN-4689-2.NASL", "UBUNTU_USN-4689-3.NASL", "UBUNTU_USN-4689-4.NASL"]}, {"type": "osv", "idList": ["OSV:DLA-2888-1"]}, {"type": "threatpost", "idList": ["THREATPOST:76629D14B75B880B024942B1FD6DC607", "THREATPOST:999241D3734A4194DA7DD62BB1C2B5E2"]}, {"type": "ubuntu", "idList": ["USN-4689-1", "USN-4689-2", "USN-4689-3", "USN-4689-4"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-1052", "UB:CVE-2021-1053", "UB:CVE-2021-1056"]}]}, "score": {"value": 2.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "archlinux", "idList": ["ASA-202101-19"]}, {"type": "cve", "idList": ["CVE-2021-1051", "CVE-2021-1052", "CVE-2021-1053", "CVE-2021-1054", "CVE-2021-1055", "CVE-2021-1056", "CVE-2021-1057", "CVE-2021-1058", "CVE-2021-1059", "CVE-2021-1060", "CVE-2021-1061", "CVE-2021-1062", "CVE-2021-1063", "CVE-2021-1064", "CVE-2021-1065", "CVE-2021-1066"]}, {"type": "lenovo", "idList": ["LENOVO:PS500388-NVIDIA-GPU-DISPLAY-DRIVER-JANUARY-2021-SECURITY-BULLETIN-NOSID"]}, {"type": "threatpost", "idList": ["THREATPOST:2AA92EF36A326DBFF16B3A99653F68CD", "THREATPOST:76629D14B75B880B024942B1FD6DC607"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-1052", "UB:CVE-2021-1053", "UB:CVE-2021-1056"]}]}, "exploitation": null, "affected_software": {"major_version": [{"name": "geforce", "version": 461}, {"name": "nvidia rtx/quadro", "version": 461}, {"name": "nvs", "version": 461}, {"name": "nvidia rtx/quadro", "version": 452}, {"name": "nvs", "version": 452}, {"name": "nvidia rtx/quadro", "version": 392}, {"name": "nvs", "version": 392}, {"name": "tesla", "version": 461}, {"name": "tesla", "version": 452}, {"name": "tesla", "version": 427}, {"name": "geforce", "version": 460}, {"name": "geforce", "version": 450}, {"name": "nvidia rtx/quadro", "version": 460}, {"name": "nvs", "version": 460}, {"name": "nvidia rtx/quadro", "version": 450}, {"name": "nvs", "version": 450}, {"name": "tesla", "version": 460}, {"name": "tesla", "version": 450}, {"name": "nvidia rtx/quadro", "version": 390}, {"name": "nvs", "version": 390}, {"name": "tesla", "version": 418}, {"name": "vgpu software (guest driver)", "version": 452}, {"name": "vgpu software (guest driver)", "version": 427}, {"name": "vgpu software (guest driver)", "version": 450}, {"name": "vgpu software (guest driver)", "version": 418}, {"name": "vgpu software (virtual gpu manager)", "version": 450}, {"name": "vgpu software (virtual gpu manager)", "version": 418}, {"name": "added acknowledgement for cve-2021-1059", "version": 2021}]}, "vulnersScore": 2.2}, "_state": {"dependencies": 1660004461, "score": 1659893617, "affected_software_major_version": 1666624850}, "_internal": {"score_hash": "875cd50db1c423624f9c76c502e2369f"}, "affectedSoftware": [{"version": "461.09", "operator": "lt", "name": "geforce"}, {"version": "461.09", "operator": "lt", "name": "nvidia rtx/quadro"}, {"version": "461.09", "operator": "lt", "name": "nvs"}, {"version": "452.77", "operator": "lt", "name": "nvidia rtx/quadro"}, {"version": "452.77", "operator": "lt", "name": "nvs"}, {"version": "392.63", "operator": "lt", "name": "nvidia rtx/quadro"}, {"version": "392.63", "operator": "lt", "name": "nvs"}, {"version": "461.09", "operator": "lt", "name": "tesla"}, {"version": "452.77", "operator": "lt", "name": "tesla"}, {"version": "427.11", "operator": "lt", "name": "tesla"}, {"version": "460.32.03", "operator": "lt", "name": "geforce"}, {"version": "450.102.04", "operator": "lt", "name": "geforce"}, {"version": "460.32.03", "operator": "lt", "name": "nvidia rtx/quadro"}, {"version": "460.32.03", "operator": "lt", "name": "nvs"}, {"version": "450.102.04", "operator": "lt", "name": "nvidia rtx/quadro"}, {"version": "450.102.04", "operator": "lt", "name": "nvs"}, {"version": "460.32.03", "operator": "lt", "name": "tesla"}, {"version": "450.102.04", "operator": "lt", "name": "tesla"}, {"version": "390.141", "operator": "lt", "name": "nvidia rtx/quadro"}, {"version": "390.141", "operator": "lt", "name": "nvs"}, {"version": "418.181.07", "operator": "lt", "name": "tesla"}, {"version": "452.77", "operator": "lt", "name": "vgpu software (guest driver)"}, {"version": "427.11", "operator": "lt", "name": "vgpu software (guest driver)"}, {"version": "450.102.04", "operator": "lt", "name": "vgpu software (guest driver)"}, {"version": "418.181.07", "operator": "lt", "name": "vgpu software (guest driver)"}, {"version": "450.102", "operator": "lt", "name": "vgpu software (virtual gpu manager)"}, {"version": "418.181", "operator": "lt", "name": "vgpu software (virtual gpu manager)"}, {"version": "2021-1059", "operator": "lt", "name": "added acknowledgement for cve-2021-1059"}]}
{"lenovo": [{"lastseen": "2021-08-11T16:37:35", "description": "**Lenovo Security Advisory: **LEN-51735\n\n**Potential Impact: **Denial of service, privilege escalation, information disclosure.\n\n**Severity: **High\n\n**Scope of Impact: **Industry-wide\n\n**CVE Identifier: **CVE-2021-1051, CVE-2021-1052, CVE-2021-1053, CVE-2021-1054, CVE-2021-1055, CVE-2021-1057, CVE-2021-1058, CVE-2021-1059, CVE-2021-1060, CVE-2021-1061, CVE-2021-1062, CVE-2021-1063, CVE-2021-1064, CVE-2021-1065, CVE-2021-1066\n\n**Summary Description:**\n\nNVIDIA has released a software security update for the NVIDIA GPU Display Driver and NVIDIA vGPU Software. This update addresses issues that may lead to denial of service, escalation of privileges, or information disclosure.\n\n**Mitigation Strategy for Customers (what you should do to protect yourself):**\n\nNVIDIA recommends upgrading to the driver version (or newer) indicated for your model in the Product Impact section below.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-01-12T14:22:25", "type": "lenovo", "title": "NVIDIA GPU Display Driver - January 2021 Security Bulletin - Lenovo Support NL", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1062", "CVE-2021-1054", "CVE-2021-1055", "CVE-2021-1066", "CVE-2021-1064", "CVE-2021-1051", "CVE-2021-1063", "CVE-2021-1059", "CVE-2021-1057", "CVE-2021-1065", "CVE-2021-1053", "CVE-2021-1060", "CVE-2021-1058", "CVE-2021-1061", "CVE-2021-1052"], "modified": "2021-08-09T15:59:49", "id": "LENOVO:PS500388-NVIDIA-GPU-DISPLAY-DRIVER-JANUARY-2021-SECURITY-BULLETIN-NOSID", "href": "https://support.lenovo.com/nl/nl/product_security/ps500388-nvidia-gpu-display-driver-january-2021-security-bulletin", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "hp": [{"lastseen": "2021-12-30T16:03:33", "description": "## Potential Security Impact\nEscalation of Privilege, Denial of Service, and Information Disclosure\n\n**Source**: HP, HP Product Security Response Team (PSRT) \n\n**Reported By**: NVIDIA \n\n## VULNERABILITY SUMMARY\nNVIDIA has informed HP of potential security vulnerabilities in the NVIDIA GPU Display Driver and Software which may lead to escalation of privileges, denial of service, and information disclosure.\n\nFor detailed information on the vulnerabilities visit the NVIDIA Product Security page at <https://www.nvidia.com/security>[__](<https://www.nvidia.com/security> \"External site.\" ) (in English). \n\n## RESOLUTION\nNVIDIA has released updates to mitigate the potential vulnerabilities. HP has identified affected platforms and corresponding SoftPaqs with minimum versions that mitigate the potential vulnerability. See the affected platforms listed below.\n", "cvss3": {}, "published": "2021-01-07T00:00:00", "type": "hp", "title": "HPSBHF03710 rev. 6 - NVIDIA GPU Display Driver January 2021 Security Updates", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-1051", "CVE-2021-1052", "CVE-2021-1053", "CVE-2021-1054", "CVE-2021-1055"], "modified": "2021-06-24T00:00:00", "id": "HP:C06993751", "href": "https://support.hp.com/us-en/document/c06993751", "cvss": {"score": "8.4", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/"}}], "ubuntucve": [{"lastseen": "2022-08-04T13:23:21", "description": "NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability\nin the kernel mode layer (nvidia.ko) in which it does not completely honor\noperating system file system permissions to provide GPU device-level\nisolation, which may lead to denial of service or information disclosure.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+bug/1906680>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[amurray](<https://launchpad.net/~amurray>) | CVE-2021-1052, CVE-2021-1053, and CVE-2021-1056 affect the following NVIDIA driver series: 450, 455, 418-server, 440-server, 450-server \n[sbeattie](<https://launchpad.net/~sbeattie>) | NVIDIA series 455 are superseded by the 460 series. NVIDIA series 440-server are superseded by 450-server.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-01-07T00:00:00", "type": "ubuntucve", "title": "CVE-2021-1056", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1052", "CVE-2021-1053", "CVE-2021-1056"], "modified": "2021-01-07T00:00:00", "id": "UB:CVE-2021-1056", "href": "https://ubuntu.com/security/CVE-2021-1056", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2022-08-04T13:23:20", "description": "NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a\nvulnerability in the kernel mode layer (nvlddmkm.sys) handler for\nDxgkDdiEscape or IOCTL in which improper validation of a user pointer may\nlead to denial of service.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+bug/1906680>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[amurray](<https://launchpad.net/~amurray>) | CVE-2021-1052 and CVE-2021-1053 affect the following NVIDIA driver series: 450, 455, 418-server, 440-server, 450-server \n[sbeattie](<https://launchpad.net/~sbeattie>) | Does not affect 390 series drivers. \n[sbeattie](<https://launchpad.net/~sbeattie>) | NVIDIA series 455 are superseded by the 460 series. NVIDIA series 440-server are superseded by the 450-server series.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-01-07T00:00:00", "type": "ubuntucve", "title": "CVE-2021-1053", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1052", "CVE-2021-1053"], "modified": "2021-01-07T00:00:00", "id": "UB:CVE-2021-1053", "href": "https://ubuntu.com/security/CVE-2021-1053", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T13:23:23", "description": "NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a\nvulnerability in the kernel mode layer (nvlddmkm.sys) handler for\nDxgkDdiEscape or IOCTL in which user-mode clients can access legacy\nprivileged APIs, which may lead to denial of service, escalation of\nprivileges, and information disclosure.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+bug/1906680>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[amurray](<https://launchpad.net/~amurray>) | CVE-2021-1052 and CVE-2021-1053 affect the following NVIDIA driver series: 450, 455, 418-server, 440-server, 450-server \n[sbeattie](<https://launchpad.net/~sbeattie>) | Does not affect 390 series drivers \n[sbeattie](<https://launchpad.net/~sbeattie>) | NVIDIA series 455 are superseded by series 460 NVIDIA series 440-server are superseded by series 450\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-07T00:00:00", "type": "ubuntucve", "title": "CVE-2021-1052", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1052", "CVE-2021-1053"], "modified": "2021-01-07T00:00:00", "id": "UB:CVE-2021-1052", "href": "https://ubuntu.com/security/CVE-2021-1052", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "threatpost": [{"lastseen": "2021-01-20T21:03:55", "description": "NVIDIA has newly disclosed three security vulnerabilities in the NVIDIA Shield TV, which could allow denial of service, escalation of privileges and data loss.\n\nThe NVIDIA Shield TV is a set-top gadget that acts as a hub for the smart home, streams PC games from a gaming PC to a TV; and allows local and online media playback and streaming. Android games compatible with Android TV are compatible with the Shield TV and controller, as are those from the NVIDIA\u2019s GeoForce market.\n\nSeparately, NVIDIA issued an updated security advisory for a cluster of security bugs in NVIDIA\u2019s video-friendly graphics processing unit (GPU) Display Driver. These could plague Linux gamers and others with denial of service, escalation of privileges and information disclosure.\n\n## **NVIDIA Shield TV Bugs**\n\nWhen it comes to the internet-of-things (IoT) device known as Shield TV, one high-severity bug (CVE\u20112021\u20111068) exists in the NVDEC component of the gadget, which is a hardware-based decoder. It arises because an attacker can read from or write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or escalation of privileges. It carries a 7.8 CVSS rating.\n\nThe other two bugs are medium-severity. The flaw tracked as CVE\u20112021\u20111069 exists in the NVHost function, and could lead to an abnormal reboot due to a null pointer reference, causing data loss.\n\nAnother, CVE\u20112021\u20111067 exists in the implementation of the RPMB command status, in which an attacker can write to the Write Protect Configuration Block, which may lead to denial of service or escalation of privileges.\n\nTo protect a system, users can download and install a software update through the update notification that will appear on the Home Screen, or by going to Settings>About>System update.\n\n## **NVIDIA GPU Display Driver Kernel Bugs **\n\nEarlier in January, Nvidia patched flaws [tied to 16 CVEs](<https://threatpost.com/nvidia-windows-gamers-graphics-driver-flaws/162857/>) across its graphics drivers and vGPU software, in its first security update of 2021. An updated security advisory now includes the availability of patched Linux drivers for the Tesla line of GPUs, affecting CVE-2021-1052, CVE-2021-1053 and CVE-2021-1056.\n\nTesla as a line of GPU accelerator boards optimized for high-performance, general-purpose computing. They are used for parallel scientific, engineering, and technical computing, and they are designed for deployment in supercomputers, clusters and workstations.\n\nThe patches address one high-severity issue (CVE\u20112021\u20111052) in the graphics driver, which is the software component that enables a device\u2019s operating system and programs to use NVIDIA\u2019s high-level, gaming- and science-optimized graphics hardware.\n\nfound in the Linux kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL. Here, \u201cuser-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges and information disclosure,\u201d according to the company.\n\nThe other two Linux issues rate medium-severity. The first (CVE\u20112021\u20111053) also affects the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL, in which improper validation of a user pointer may lead to denial of service.\n\nThe second medium bug (CVE\u20112021\u20111056) is a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.\n\nFull details on all of the GPU vulnerabilities are available in the [security bulletin](<https://nvidia.custhelp.com/app/answers/detail/a_id/5142>). Patched versions are as follows:\n\n\n\n## **NVIDIA\u2019s Line of Security Bugs**\n\nThis is not NVIDIA\u2019s first patching rodeo.\n\nLast year, the company issued its fair share of patches; including fixes for [two high-severity flaws in the Windows version](<https://threatpost.com/nvidia-gamers-geforce-experience-flaws/160487/>) of its GeForce Experience software, and a patch for a critical bug in its [high-performance line of DGX servers,](<https://threatpost.com/nvidia-critical-bug-hpc/160762/>) both in October; and a high-severity flaw in its [GeForce NOW application software for Windows in November](<https://threatpost.com/nvidia-windows-gamers-geforce-now-flaw/161132/>).\n\n**Download our exclusive **[**FREE Threatpost Insider eBook**](<https://threatpost.com/ebooks/healthcare-security-woes-balloon-in-a-covid-era-world/?utm_source=FEATURE&utm_medium=FEATURE&utm_campaign=Nov_eBook>) _**Healthcare Security Woes Balloon in a Covid-Era World**_** , sponsored by ZeroNorth, to learn more about what these security risks mean for hospitals at the day-to-day level and how healthcare security teams can implement best practices to protect providers and patients. Get the whole story and **[**DOWNLOAD the eBook now**](<https://threatpost.com/ebooks/healthcare-security-woes-balloon-in-a-covid-era-world/?utm_source=ART&utm_medium=ART&utm_campaign=Nov_eBook>)** \u2013 on us!**\n", "cvss3": {}, "published": "2021-01-20T20:45:43", "type": "threatpost", "title": "NVIDIA Gamers Face DoS, Data Loss from Shield TV Bugs", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-1052", "CVE-2021-1053", "CVE-2021-1056"], "modified": "2021-01-20T20:45:43", "id": "THREATPOST:76629D14B75B880B024942B1FD6DC607", "href": "https://threatpost.com/nvidia-gamers-dos-data-loss-shield-tv-bugs/163200/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-26T22:25:26", "description": "Nvidia has patched three vulnerabilities affecting its Jetson lineup, which is a series of embedded computing boards designed for machine-learning applications, in things like autonomous robots, drones and more. A successful exploit could potentially cripple any such gadgets leveraging the affected Jetson products, said Nvidia.\n\nIf exploited,[ the most serious of these flaws](<https://nvidia.custhelp.com/app/answers/detail/a_id/5147>) could lead to a denial-of-service (DoS) condition for affected products. The flaw ([CVE-2021-1070](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1070>)) ranks 7.1 out of 10 on the CVSS scale, making it high-severity. It specifically exists in the Nvidia Linux Driver Package (L4T), the board support package for Jetson products.\n\nNvidia L4T contains a glitch in the apply_binaries.sh script. This script is used to install Nvidia components into the root file system image. The script allows improper access control, which may lead to an unprivileged user being able to modify system device tree files. Device trees are a data structure of the hardware components of a particular computer, which allow an operating system\u2019s kernel to use and manage those components, including the CPU, memory, and peripherals.\n\n[](<https://threatpost.com/newsletter-sign/>)\n\nAccess to a device tree file could allow an attacker to launch a DoS attack. Further details about the flaw \u2013 including what an attacker needs to exploit it \u2013 were not disclosed. The issue was discovered by programmer Michael de Gans.\n\nAll versions prior to L4T release r32.5 are affected; a patch is available in L4T release r32.5. Specific Jetson products affected include the Jetson TX1 and TX2 series; which are two low-power embedded computing boards that carry a Nvidia Tegra processor and are specifically designed for accelerating machine learning in systems. Also affected are the Jetson AGX Xavier series, a developer kit that\u2019s essentially an artificial intelligence computer for autonomous machines; the Jetson Xavier NX developer kit; and the Jetson Nano and Jetson Nano 2GB developer kits.\n\n[](<https://media.threatpost.com/wp-content/uploads/sites/103/2021/01/26155553/Teal2-300x178-1.jpg>)\n\nA drone with Nvidia Jetson TX1\n\nThe other two are medium-severity flaws (CVE\u20112021\u20111069 and CVE\u20112021\u20111071), which were uncovered in the Nvidia Tegra\u2019s kernel driver. This is code that allows the kernel to talk to the hardware devices that the system-on-a-chip (SoC) is in.\n\nCVE\u20112021\u20111069 exists in NVHost, a software host that\u2019s part of Nvidia Driver Helper Service. NVHost allows a variable to be null, which may lead to a null pointer dereference and unexpected reboot, ultimately leading to data loss, according to Nvidia.\n\nCVE\u20112021\u20111071 meanwhile exists in the INA3221 driver, an on-board power monitor that monitors the voltage and current of certain rails. The flaw enables improper access control, which may lead to unauthorized users gaining access to system power usage data. This can lead to information disclosure.\n\nIt\u2019s only the latest set of patches to be released by Nvidia this month. Last week, Nvidia newly disclosed [three security vulnerabilities](<https://threatpost.com/nvidia-gamers-dos-data-loss-shield-tv-bugs/163200/>) in the NVIDIA Shield TV, which could allow denial of service, escalation of privileges and data loss. Earlier in January, Nvidia patched flaws [tied to 16 CVEs](<https://threatpost.com/nvidia-windows-gamers-graphics-driver-flaws/162857/>) across its graphics drivers and vGPU software, in its first security update of 2021. An updated security advisory now includes the availability of patched Linux drivers for the Tesla line of GPUs, affecting CVE-2021-1052, CVE-2021-1053 and CVE-2021-1056.\n", "cvss3": {}, "published": "2021-01-26T22:11:54", "type": "threatpost", "title": "Nvidia Squashes High-Severity Jetson DoS Flaw", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-1052", "CVE-2021-1053", "CVE-2021-1056", "CVE-2021-1070"], "modified": "2021-01-26T22:11:54", "id": "THREATPOST:999241D3734A4194DA7DD62BB1C2B5E2", "href": "https://threatpost.com/nvidia-squashes-high-severity-jetson-dos-flaw/163360/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "archlinux": [{"lastseen": "2021-07-28T14:33:56", "description": "Arch Linux Security Advisory ASA-202101-19\n==========================================\n\nSeverity: High\nDate : 2021-01-12\nCVE-ID : CVE-2021-1052 CVE-2021-1053 CVE-2021-1056\nPackage : nvidia-utils\nType : multiple issues\nRemote : No\nLink : https://security.archlinux.org/AVG-1417\n\nSummary\n=======\n\nThe package nvidia-utils before version 460.32.03-1 is vulnerable to\nmultiple issues including privilege escalation, denial of service and\ninformation disclosure.\n\nResolution\n==========\n\nUpgrade to 460.32.03-1.\n\n# pacman -Syu \"nvidia-utils>=460.32.03-1\"\n\nThe problems have been fixed upstream in version 460.32.03.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2021-1052 (privilege escalation)\n\nThe NVIDIA GPU Display Driver, all versions of the R460 and R450 driver\nbranches, contains a vulnerability in the kernel mode layer (nvidia.ko)\nhandler for DxgkDdiEscape or IOCTL in which user-mode clients can\naccess legacy privileged APIs, which may lead to denial of service,\nescalation of privileges, and information disclosure. This issue is\nfixed in versions 460.32.03 and 450.102.04.\n\n- CVE-2021-1053 (denial of service)\n\nThe NVIDIA GPU Display Driver, all versions of the R460 and R450 driver\nbranches, contains a vulnerability in the kernel mode layer (nvidia.ko)\nhandler for DxgkDdiEscape or IOCTL in which improper validation of a\nuser pointer may lead to denial of service. This issue is fixed in\nversions 460.32.03 and 450.102.04.\n\n- CVE-2021-1056 (information disclosure)\n\nThe NVIDIA GPU Display Driver contains a vulnerability in the kernel\nmode layer (nvidia.ko) in which it does not completely honor operating\nsystem file system permissions to provide GPU device-level isolation,\nwhich may lead to denial of service or information disclosure. This\nissue is fixed in versions 460.32.03, 450.102.04 and 390.141.\n\nImpact\n======\n\nA local user might crash the service, escalate privileges or disclose\nsensitive information.\n\nReferences\n==========\n\nhttps://nvidia.custhelp.com/app/answers/detail/a_id/5142\nhttps://security.archlinux.org/CVE-2021-1052\nhttps://security.archlinux.org/CVE-2021-1053\nhttps://security.archlinux.org/CVE-2021-1056", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-01-12T00:00:00", "type": "archlinux", "title": "[ASA-202101-19] nvidia-utils: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1052", "CVE-2021-1053", "CVE-2021-1056"], "modified": "2021-01-12T00:00:00", "id": "ASA-202101-19", "href": "https://security.archlinux.org/ASA-202101-19", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-01-18T14:27:17", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4689-2 advisory.\n\n - NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure. (CVE-2021-1052)\n\n - NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service. (CVE-2021-1053)\n\n - NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure. (CVE-2021-1056)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-12T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS / 20.10 : Linux kernel vulnerabilities (USN-4689-2)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1052", "CVE-2021-1053", "CVE-2021-1056"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1063-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1092-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1104-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-130-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-130-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-130-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1034-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1035-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1035-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1036-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-60-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-60-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-60-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.6.0-1042-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1015-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1016-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1017-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1018-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-36-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-36-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-36-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-36-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-osp1", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04-edge"], "id": "UBUNTU_USN-4689-2.NASL", "href": "https://www.tenable.com/plugins/nessus/144869", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4689-2. The text\n# itself is copyright (C) Canonical, Inc. See\n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144869);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2021-1052\", \"CVE-2021-1053\", \"CVE-2021-1056\");\n script_xref(name:\"USN\", value:\"4689-2\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS / 20.10 : Linux kernel vulnerabilities (USN-4689-2)\");\n script_summary(english:\"Checks the dpkg output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the USN-4689-2 advisory.\n\n - NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode\n layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy\n privileged APIs, which may lead to denial of service, escalation of privileges, and information\n disclosure. (CVE-2021-1052)\n\n - NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode\n layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may\n lead to denial of service. (CVE-2021-1053)\n\n - NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer\n (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU\n device-level isolation, which may lead to denial of service or information disclosure. (CVE-2021-1056)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4689-2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1052\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1063-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1092-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1104-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-130-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-130-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-130-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1034-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1035-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1035-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1036-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-60-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-60-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-60-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.6.0-1042-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1015-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1016-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1017-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1018-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-36-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-36-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-36-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-36-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-osp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04-edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021-2023 Canonical, Inc. / NASL script (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04|20\\.04|20\\.10)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04 / 20.10', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n cve_list = make_list('CVE-2021-1052', 'CVE-2021-1053', 'CVE-2021-1056');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-4689-2');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\npkgs = [\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1063-oracle', 'pkgver': '4.15.0-1063.70'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1092-aws', 'pkgver': '4.15.0-1092.98'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1104-azure', 'pkgver': '4.15.0-1104.116'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-130-generic', 'pkgver': '4.15.0-130.134'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-130-generic-lpae', 'pkgver': '4.15.0-130.134'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-130-lowlatency', 'pkgver': '4.15.0-130.134'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-1034-gcp', 'pkgver': '5.4.0-1034.37~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-1035-aws', 'pkgver': '5.4.0-1035.37~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-1035-oracle', 'pkgver': '5.4.0-1035.38~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-1036-azure', 'pkgver': '5.4.0-1036.38~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-60-generic', 'pkgver': '5.4.0-60.67~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-60-generic-lpae', 'pkgver': '5.4.0-60.67~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-60-lowlatency', 'pkgver': '5.4.0-60.67~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-aws', 'pkgver': '5.4.0.1035.20'},\n {'osver': '18.04', 'pkgname': 'linux-image-aws-edge', 'pkgver': '5.4.0.1035.20'},\n {'osver': '18.04', 'pkgname': 'linux-image-aws-lts-18.04', 'pkgver': '4.15.0.1092.94'},\n {'osver': '18.04', 'pkgname': 'linux-image-azure', 'pkgver': '5.4.0.1036.18'},\n {'osver': '18.04', 'pkgname': 'linux-image-azure-edge', 'pkgver': '5.4.0.1036.18'},\n {'osver': '18.04', 'pkgname': 'linux-image-azure-lts-18.04', 'pkgver': '4.15.0.1104.77'},\n {'osver': '18.04', 'pkgname': 'linux-image-gcp', 'pkgver': '5.4.0.1034.22'},\n {'osver': '18.04', 'pkgname': 'linux-image-gcp-edge', 'pkgver': '5.4.0.1034.22'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic', 'pkgver': '4.15.0.130.117'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-hwe-16.04', 'pkgver': '4.15.0.130.117'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-hwe-16.04-edge', 'pkgver': '4.15.0.130.117'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-hwe-18.04', 'pkgver': '5.4.0.60.67~18.04.55'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-hwe-18.04-edge', 'pkgver': '5.4.0.60.67~18.04.55'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae', 'pkgver': '4.15.0.130.117'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae-hwe-16.04', 'pkgver': '4.15.0.130.117'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae-hwe-16.04-edge', 'pkgver': '4.15.0.130.117'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.60.67~18.04.55'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.60.67~18.04.55'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency', 'pkgver': '4.15.0.130.117'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency-hwe-16.04', 'pkgver': '4.15.0.130.117'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.130.117'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency-hwe-18.04', 'pkgver': '5.4.0.60.67~18.04.55'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.60.67~18.04.55'},\n {'osver': '18.04', 'pkgname': 'linux-image-oem', 'pkgver': '5.4.0.60.67~18.04.55'},\n {'osver': '18.04', 'pkgname': 'linux-image-oem-osp1', 'pkgver': '5.4.0.60.67~18.04.55'},\n {'osver': '18.04', 'pkgname': 'linux-image-oracle', 'pkgver': '5.4.0.1035.38~18.04.19'},\n {'osver': '18.04', 'pkgname': 'linux-image-oracle-edge', 'pkgver': '5.4.0.1035.38~18.04.19'},\n {'osver': '18.04', 'pkgname': 'linux-image-oracle-lts-18.04', 'pkgver': '4.15.0.1063.73'},\n {'osver': '18.04', 'pkgname': 'linux-image-snapdragon-hwe-18.04', 'pkgver': '5.4.0.60.67~18.04.55'},\n {'osver': '18.04', 'pkgname': 'linux-image-snapdragon-hwe-18.04-edge', 'pkgver': '5.4.0.60.67~18.04.55'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual', 'pkgver': '4.15.0.130.117'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual-hwe-16.04', 'pkgver': '4.15.0.130.117'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.130.117'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual-hwe-18.04', 'pkgver': '5.4.0.60.67~18.04.55'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.60.67~18.04.55'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1034-gcp', 'pkgver': '5.4.0-1034.37'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1035-aws', 'pkgver': '5.4.0-1035.37'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1035-oracle', 'pkgver': '5.4.0-1035.38'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1036-azure', 'pkgver': '5.4.0-1036.38'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-60-generic', 'pkgver': '5.4.0-60.67'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-60-generic-lpae', 'pkgver': '5.4.0-60.67'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-60-lowlatency', 'pkgver': '5.4.0-60.67'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.6.0-1042-oem', 'pkgver': '5.6.0-1042.46'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.8.0-36-generic', 'pkgver': '5.8.0-36.40~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.8.0-36-generic-lpae', 'pkgver': '5.8.0-36.40~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.8.0-36-lowlatency', 'pkgver': '5.8.0-36.40~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-aws', 'pkgver': '5.4.0.1035.36'},\n {'osver': '20.04', 'pkgname': 'linux-image-azure', 'pkgver': '5.4.0.1036.34'},\n {'osver': '20.04', 'pkgname': 'linux-image-gcp', 'pkgver': '5.4.0.1034.43'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic', 'pkgver': '5.4.0.60.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-hwe-18.04', 'pkgver': '5.4.0.60.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-hwe-18.04-edge', 'pkgver': '5.4.0.60.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-hwe-20.04', 'pkgver': '5.8.0.36.40~20.04.21'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-hwe-20.04-edge', 'pkgver': '5.8.0.36.40~20.04.21'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae', 'pkgver': '5.4.0.60.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.60.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.60.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae-hwe-20.04', 'pkgver': '5.8.0.36.40~20.04.21'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae-hwe-20.04-edge', 'pkgver': '5.8.0.36.40~20.04.21'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency', 'pkgver': '5.4.0.60.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency-hwe-18.04', 'pkgver': '5.4.0.60.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.60.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency-hwe-20.04', 'pkgver': '5.8.0.36.40~20.04.21'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency-hwe-20.04-edge', 'pkgver': '5.8.0.36.40~20.04.21'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem', 'pkgver': '5.4.0.60.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-20.04', 'pkgver': '5.6.0.1042.38'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-osp1', 'pkgver': '5.4.0.60.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-oracle', 'pkgver': '5.4.0.1035.32'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual', 'pkgver': '5.4.0.60.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual-hwe-18.04', 'pkgver': '5.4.0.60.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.60.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual-hwe-20.04', 'pkgver': '5.8.0.36.40~20.04.21'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual-hwe-20.04-edge', 'pkgver': '5.8.0.36.40~20.04.21'},\n {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-1015-oracle', 'pkgver': '5.8.0-1015.16'},\n {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-1016-gcp', 'pkgver': '5.8.0-1016.17'},\n {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-1017-azure', 'pkgver': '5.8.0-1017.19'},\n {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-1018-aws', 'pkgver': '5.8.0-1018.20'},\n {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-36-generic', 'pkgver': '5.8.0-36.40'},\n {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-36-generic-64k', 'pkgver': '5.8.0-36.40'},\n {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-36-generic-lpae', 'pkgver': '5.8.0-36.40'},\n {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-36-lowlatency', 'pkgver': '5.8.0-36.40'},\n {'osver': '20.10', 'pkgname': 'linux-image-aws', 'pkgver': '5.8.0.1018.20'},\n {'osver': '20.10', 'pkgname': 'linux-image-azure', 'pkgver': '5.8.0.1017.17'},\n {'osver': '20.10', 'pkgname': 'linux-image-gcp', 'pkgver': '5.8.0.1016.16'},\n {'osver': '20.10', 'pkgname': 'linux-image-generic', 'pkgver': '5.8.0.36.40'},\n {'osver': '20.10', 'pkgname': 'linux-image-generic-64k', 'pkgver': '5.8.0.36.40'},\n {'osver': '20.10', 'pkgname': 'linux-image-generic-64k-hwe-20.04', 'pkgver': '5.8.0.36.40'},\n {'osver': '20.10', 'pkgname': 'linux-image-generic-64k-hwe-20.04-edge', 'pkgver': '5.8.0.36.40'},\n {'osver': '20.10', 'pkgname': 'linux-image-generic-hwe-20.04', 'pkgver': '5.8.0.36.40'},\n {'osver': '20.10', 'pkgname': 'linux-image-generic-hwe-20.04-edge', 'pkgver': '5.8.0.36.40'},\n {'osver': '20.10', 'pkgname': 'linux-image-generic-lpae', 'pkgver': '5.8.0.36.40'},\n {'osver': '20.10', 'pkgname': 'linux-image-generic-lpae-hwe-20.04', 'pkgver': '5.8.0.36.40'},\n {'osver': '20.10', 'pkgname': 'linux-image-generic-lpae-hwe-20.04-edge', 'pkgver': '5.8.0.36.40'},\n {'osver': '20.10', 'pkgname': 'linux-image-gke', 'pkgver': '5.8.0.1016.16'},\n {'osver': '20.10', 'pkgname': 'linux-image-lowlatency', 'pkgver': '5.8.0.36.40'},\n {'osver': '20.10', 'pkgname': 'linux-image-lowlatency-hwe-20.04', 'pkgver': '5.8.0.36.40'},\n {'osver': '20.10', 'pkgname': 'linux-image-lowlatency-hwe-20.04-edge', 'pkgver': '5.8.0.36.40'},\n {'osver': '20.10', 'pkgname': 'linux-image-oem-20.04', 'pkgver': '5.8.0.36.40'},\n {'osver': '20.10', 'pkgname': 'linux-image-oracle', 'pkgver': '5.8.0.1015.15'},\n {'osver': '20.10', 'pkgname': 'linux-image-virtual', 'pkgver': '5.8.0.36.40'},\n {'osver': '20.10', 'pkgname': 'linux-image-virtual-hwe-20.04', 'pkgver': '5.8.0.36.40'},\n {'osver': '20.10', 'pkgname': 'linux-image-virtual-hwe-20.04-edge', 'pkgver': '5.8.0.36.40'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-image-4.15.0-1063-oracle / linux-image-4.15.0-1092-aws / etc');\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-19T14:34:25", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4689-1 advisory.\n\n - NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure. (CVE-2021-1052)\n\n - NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service. (CVE-2021-1053)\n\n - NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure. (CVE-2021-1056)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-13T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS / 20.10 : NVIDIA graphics drivers vulnerabilities (USN-4689-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1052", "CVE-2021-1053", "CVE-2021-1056"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.10", "p-cpe:/a:canonical:ubuntu_linux:libcuda1-384", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-cfg1-390", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-cfg1-440", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-cfg1-450", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-cfg1-455", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-cfg1-460", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-common-390", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-common-440", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-common-450", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-common-455", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-common-460", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-compute-390", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-compute-440", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-compute-450", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-compute-455", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-compute-460", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-decode-390", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-decode-440", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-decode-450", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-decode-455", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-decode-460", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-encode-390", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-encode-440", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-encode-450", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-encode-455", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-encode-460", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-extra-440", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-extra-450", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-extra-455", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-extra-460", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-fbc1-390", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-fbc1-440", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-fbc1-450", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-fbc1-455", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-fbc1-460", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-gl-390", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-gl-440", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-gl-450", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-gl-455", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-gl-460", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-ifr1-390", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-ifr1-440", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-ifr1-450", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-ifr1-455", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-ifr1-460", "p-cpe:/a:canonical:ubuntu_linux:nvidia-384", "p-cpe:/a:canonical:ubuntu_linux:nvidia-384-dev", "p-cpe:/a:canonical:ubuntu_linux:nvidia-compute-utils-390", "p-cpe:/a:canonical:ubuntu_linux:nvidia-compute-utils-440", "p-cpe:/a:canonical:ubuntu_linux:nvidia-compute-utils-450", "p-cpe:/a:canonical:ubuntu_linux:nvidia-compute-utils-455", "p-cpe:/a:canonical:ubuntu_linux:nvidia-compute-utils-460", "p-cpe:/a:canonical:ubuntu_linux:nvidia-dkms-390", "p-cpe:/a:canonical:ubuntu_linux:nvidia-dkms-440", "p-cpe:/a:canonical:ubuntu_linux:nvidia-dkms-450", "p-cpe:/a:canonical:ubuntu_linux:nvidia-dkms-455", "p-cpe:/a:canonical:ubuntu_linux:nvidia-dkms-460", "p-cpe:/a:canonical:ubuntu_linux:nvidia-driver-390", "p-cpe:/a:canonical:ubuntu_linux:nvidia-driver-440", "p-cpe:/a:canonical:ubuntu_linux:nvidia-driver-450", "p-cpe:/a:canonical:ubuntu_linux:nvidia-driver-455", "p-cpe:/a:canonical:ubuntu_linux:nvidia-driver-460", "p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-390", "p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-440", "p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-450", "p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-455", "p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-460", "p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-no-dkms-390", "p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-no-dkms-440", "p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-no-dkms-450", "p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-no-dkms-455", "p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-no-dkms-460", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-common-390", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-common-440", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-common-450", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-common-455", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-common-460", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source-390", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source-440", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source-450", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source-455", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source-460", "p-cpe:/a:canonical:ubuntu_linux:nvidia-libopencl1-384", "p-cpe:/a:canonical:ubuntu_linux:nvidia-opencl-icd-384", "p-cpe:/a:canonical:ubuntu_linux:nvidia-utils-390", "p-cpe:/a:canonical:ubuntu_linux:nvidia-utils-440", "p-cpe:/a:canonical:ubuntu_linux:nvidia-utils-450", "p-cpe:/a:canonical:ubuntu_linux:nvidia-utils-455", "p-cpe:/a:canonical:ubuntu_linux:nvidia-utils-460", "p-cpe:/a:canonical:ubuntu_linux:xserver-xorg-video-nvidia-390", "p-cpe:/a:canonical:ubuntu_linux:xserver-xorg-video-nvidia-440", "p-cpe:/a:canonical:ubuntu_linux:xserver-xorg-video-nvidia-450", "p-cpe:/a:canonical:ubuntu_linux:xserver-xorg-video-nvidia-455", "p-cpe:/a:canonical:ubuntu_linux:xserver-xorg-video-nvidia-460"], "id": "UBUNTU_USN-4689-1.NASL", "href": "https://www.tenable.com/plugins/nessus/144897", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4689-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144897);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2021-1052\", \"CVE-2021-1053\", \"CVE-2021-1056\");\n script_xref(name:\"USN\", value:\"4689-1\");\n script_xref(name:\"IAVB\", value:\"2021-B-0005\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS / 20.10 : NVIDIA graphics drivers vulnerabilities (USN-4689-1)\");\n script_summary(english:\"Checks the dpkg output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the USN-4689-1 advisory.\n\n - NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode\n layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy\n privileged APIs, which may lead to denial of service, escalation of privileges, and information\n disclosure. (CVE-2021-1052)\n\n - NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode\n layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may\n lead to denial of service. (CVE-2021-1053)\n\n - NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer\n (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU\n device-level isolation, which may lead to denial of service or information disclosure. (CVE-2021-1056)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4689-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1052\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcuda1-384\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-cfg1-390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-cfg1-440\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-cfg1-450\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-cfg1-455\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-cfg1-460\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-common-390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-common-440\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-common-450\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-common-455\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-common-460\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-compute-390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-compute-440\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-compute-450\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-compute-455\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-compute-460\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-decode-390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-decode-440\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-decode-450\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-decode-455\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-decode-460\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-encode-390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-encode-440\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-encode-450\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-encode-455\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-encode-460\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-extra-440\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-extra-450\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-extra-455\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-extra-460\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-fbc1-390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-fbc1-440\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-fbc1-450\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-fbc1-455\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-fbc1-460\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-gl-390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-gl-440\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-gl-450\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-gl-455\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-gl-460\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-ifr1-390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-ifr1-440\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-ifr1-450\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-ifr1-455\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-ifr1-460\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-384\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-384-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-compute-utils-390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-compute-utils-440\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-compute-utils-450\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-compute-utils-455\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-compute-utils-460\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-dkms-390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-dkms-440\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-dkms-450\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-dkms-455\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-dkms-460\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-driver-390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-driver-440\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-driver-450\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-driver-455\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-driver-460\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-440\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-450\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-455\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-460\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-no-dkms-390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-no-dkms-440\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-no-dkms-450\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-no-dkms-455\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-no-dkms-460\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-common-390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-common-440\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-common-450\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-common-455\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-common-460\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source-390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source-440\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source-450\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source-455\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source-460\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-libopencl1-384\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-opencl-icd-384\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-utils-390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-utils-440\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-utils-450\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-utils-455\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-utils-460\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xserver-xorg-video-nvidia-390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xserver-xorg-video-nvidia-440\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xserver-xorg-video-nvidia-450\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xserver-xorg-video-nvidia-455\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xserver-xorg-video-nvidia-460\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021-2023 Canonical, Inc. / NASL script (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04|20\\.04|20\\.10)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04 / 20.10', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\npkgs = [\n {'osver': '18.04', 'pkgname': 'libcuda1-384', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-cfg1-390', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-cfg1-440', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-cfg1-450', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-cfg1-455', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-cfg1-460', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-common-390', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-common-440', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-common-450', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-common-455', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-common-460', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-compute-390', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-compute-440', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-compute-450', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-compute-455', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-compute-460', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-decode-390', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-decode-440', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-decode-450', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-decode-455', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-decode-460', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-encode-390', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-encode-440', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-encode-450', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-encode-455', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-encode-460', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-extra-440', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-extra-450', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-extra-455', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-extra-460', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-fbc1-390', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-fbc1-440', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-fbc1-450', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-fbc1-455', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-fbc1-460', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-gl-390', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-gl-440', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-gl-450', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-gl-455', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-gl-460', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-ifr1-390', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-ifr1-440', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-ifr1-450', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-ifr1-455', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-ifr1-460', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-384', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-384-dev', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-compute-utils-390', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-compute-utils-440', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-compute-utils-450', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-compute-utils-455', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-compute-utils-460', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-dkms-390', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-dkms-440', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-dkms-450', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-dkms-455', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-dkms-460', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-driver-390', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-driver-440', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-driver-450', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-driver-455', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-driver-460', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-headless-390', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-headless-440', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-headless-450', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-headless-455', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-headless-460', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-headless-no-dkms-390', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-headless-no-dkms-440', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-headless-no-dkms-450', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-headless-no-dkms-455', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-headless-no-dkms-460', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-kernel-common-390', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-kernel-common-440', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-kernel-common-450', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-kernel-common-455', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-kernel-common-460', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-kernel-source-390', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-kernel-source-440', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-kernel-source-450', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-kernel-source-455', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-kernel-source-460', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-libopencl1-384', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-opencl-icd-384', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-utils-390', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-utils-440', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-utils-450', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-utils-455', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-utils-460', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'xserver-xorg-video-nvidia-390', 'pkgver': '390.141-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'xserver-xorg-video-nvidia-440', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'xserver-xorg-video-nvidia-450', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'xserver-xorg-video-nvidia-455', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'xserver-xorg-video-nvidia-460', 'pkgver': '460.32.03-0ubuntu0.18.04.1'},\n {'osver': '20.04', 'pkgname': 'libcuda1-384', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-cfg1-390', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-cfg1-440', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-cfg1-450', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-cfg1-455', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-cfg1-460', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-common-390', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-common-440', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-common-450', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-common-455', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-common-460', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-compute-390', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-compute-440', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-compute-450', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-compute-455', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-compute-460', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-decode-390', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-decode-440', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-decode-450', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-decode-455', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-decode-460', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-encode-390', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-encode-440', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-encode-450', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-encode-455', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-encode-460', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-extra-440', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-extra-450', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-extra-455', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-extra-460', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-fbc1-390', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-fbc1-440', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-fbc1-450', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-fbc1-455', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-fbc1-460', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-gl-390', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-gl-440', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-gl-450', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-gl-455', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-gl-460', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-ifr1-390', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-ifr1-440', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-ifr1-450', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-ifr1-455', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-ifr1-460', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-384', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-384-dev', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-compute-utils-390', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-compute-utils-440', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-compute-utils-450', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-compute-utils-455', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-compute-utils-460', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-dkms-390', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-dkms-440', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-dkms-450', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-dkms-455', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-dkms-460', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-driver-390', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-driver-440', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-driver-450', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-driver-455', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-driver-460', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-headless-390', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-headless-440', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-headless-450', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-headless-455', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-headless-460', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-headless-no-dkms-390', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-headless-no-dkms-440', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-headless-no-dkms-450', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-headless-no-dkms-455', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-headless-no-dkms-460', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-kernel-common-390', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-kernel-common-440', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-kernel-common-450', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-kernel-common-455', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-kernel-common-460', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-kernel-source-390', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-kernel-source-440', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-kernel-source-450', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-kernel-source-455', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-kernel-source-460', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-libopencl1-384', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-opencl-icd-384', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-utils-390', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-utils-440', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-utils-450', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-utils-455', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-utils-460', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'xserver-xorg-video-nvidia-390', 'pkgver': '390.141-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'xserver-xorg-video-nvidia-440', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'xserver-xorg-video-nvidia-450', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'xserver-xorg-video-nvidia-455', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'xserver-xorg-video-nvidia-460', 'pkgver': '460.32.03-0ubuntu0.20.04.1'},\n {'osver': '20.10', 'pkgname': 'libcuda1-384', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-cfg1-390', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-cfg1-440', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-cfg1-450', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-cfg1-455', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-cfg1-460', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-common-390', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-common-440', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-common-450', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-common-455', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-common-460', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-compute-390', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-compute-440', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-compute-450', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-compute-455', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-compute-460', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-decode-390', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-decode-440', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-decode-450', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-decode-455', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-decode-460', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-encode-390', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-encode-440', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-encode-450', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-encode-455', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-encode-460', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-extra-440', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-extra-450', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-extra-455', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-extra-460', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-fbc1-390', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-fbc1-440', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-fbc1-450', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-fbc1-455', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-fbc1-460', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-gl-390', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-gl-440', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-gl-450', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-gl-455', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-gl-460', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-ifr1-390', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-ifr1-440', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-ifr1-450', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-ifr1-455', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-ifr1-460', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-384', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-384-dev', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-compute-utils-390', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-compute-utils-440', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-compute-utils-450', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-compute-utils-455', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-compute-utils-460', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-dkms-390', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-dkms-440', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-dkms-450', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-dkms-455', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-dkms-460', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-driver-390', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-driver-440', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-driver-450', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-driver-455', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-driver-460', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-headless-390', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-headless-440', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-headless-450', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-headless-455', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-headless-460', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-headless-no-dkms-390', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-headless-no-dkms-440', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-headless-no-dkms-450', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-headless-no-dkms-455', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-headless-no-dkms-460', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-kernel-common-390', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-kernel-common-440', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-kernel-common-450', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-kernel-common-455', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-kernel-common-460', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-kernel-source-390', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-kernel-source-440', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-kernel-source-450', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-kernel-source-455', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-kernel-source-460', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-libopencl1-384', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-opencl-icd-384', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-utils-390', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-utils-440', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-utils-450', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-utils-455', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-utils-460', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'xserver-xorg-video-nvidia-390', 'pkgver': '390.141-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'xserver-xorg-video-nvidia-440', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'xserver-xorg-video-nvidia-450', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'xserver-xorg-video-nvidia-455', 'pkgver': '460.32.03-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'xserver-xorg-video-nvidia-460', 'pkgver': '460.32.03-0ubuntu0.20.10.1'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libcuda1-384 / libnvidia-cfg1-390 / libnvidia-cfg1-440 / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:37:10", "description": "A display driver installed on the remote Windows host is affected by multiple vulnerabilities:\n \n - NVIDIA GPU Display Driver contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges (CVE-2020-5962).\n\n - NVIDIA CUDA Driver contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure (CVE-2020-5963).\n\n - NVIDIA GPU Display Driver contains a vulnerability in the service host component, in which the application resources integrity check may be missed. Such an attack may lead to code execution, denial of service or information disclosure (CVE-2020-5964).\n Note that Nessus has not attempted to exploit these issues but has instead relied only on the driver's self-reported version number.", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.4, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.8}, "published": "2021-01-15T00:00:00", "type": "nessus", "title": "NVIDIA Windows GPU Display Driver (January 2021)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-5962", "CVE-2020-5963", "CVE-2020-5964", "CVE-2021-1051", "CVE-2021-1052", "CVE-2021-1053", "CVE-2021-1054", "CVE-2021-1055"], "modified": "2022-05-11T00:00:00", "cpe": ["cpe:/a:nvidia:gpu_driver"], "id": "NVIDIA_WIN_2021_01.NASL", "href": "https://www.tenable.com/plugins/nessus/145035", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145035);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/11\");\n\n script_cve_id(\n \"CVE-2021-1051\",\n \"CVE-2021-1052\",\n \"CVE-2021-1053\",\n \"CVE-2021-1054\",\n \"CVE-2021-1055\"\n );\n script_xref(name:\"IAVB\", value:\"2021-B-0005\");\n\n script_name(english:\"NVIDIA Windows GPU Display Driver (January 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The NVIDIA GPU display driver software on the remote Windows host is missing a vendor-supplied patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"A display driver installed on the remote Windows host is affected by multiple vulnerabilities:\n \n - NVIDIA GPU Display Driver contains a vulnerability in the NVIDIA Control Panel component, in which an \n attacker with local system access can corrupt a system file, which may lead to denial of service or \n escalation of privileges (CVE-2020-5962).\n\n - NVIDIA CUDA Driver contains a vulnerability in the Inter Process Communication APIs, in which improper\n access control may lead to code execution, denial of service, or information disclosure (CVE-2020-5963).\n\n - NVIDIA GPU Display Driver contains a vulnerability in the service host component, in which the \n application resources integrity check may be missed. Such an attack may lead to code execution, \n denial of service or information disclosure (CVE-2020-5964).\n \n Note that Nessus has not attempted to exploit these issues but has instead relied only on the driver's\n self-reported version number.\");\n # https://nvidia.custhelp.com/app/answers/detail/a_id/5031\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4702d9ab\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the NVIDIA graphics driver in accordance with the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1052\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-1051\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/15\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:nvidia:gpu_driver\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wmi_enum_display_drivers.nbin\");\n script_require_keys(\"WMI/DisplayDrivers/NVIDIA\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\ninclude('vcf_extras_nvidia.inc');\n\nvar app_info = vcf::nvidia_gpu::get_app_info(win_local:TRUE);\n\nif (report_paranoia < 2) \n audit(AUDIT_PARANOID);\n\nvar constraints = [\n {'min_version': '390.0', 'fixed_version': '392.63', 'gpumodel': ['nvs', 'quadro']},\n {'min_version': '418.0', 'fixed_version': '427.11', 'gpumodel': 'tesla'},\n {'min_version': '450.0', 'fixed_version': '452.77', 'gpumodel': ['quadro', 'nvs', 'tesla']},\n {'min_version': '460.0', 'fixed_version': '461.09', 'gpumodel': ['geforce', 'quadro', 'nvs', 'tesla']}\n];\n\nvcf::nvidia_gpu::check_version_and_report(\n app_info:app_info, \n constraints:constraints, \n severity:SECURITY_HOLE\n);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-18T14:28:03", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4689-3 advisory.\n\n - NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure. (CVE-2021-1052)\n\n - NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service. (CVE-2021-1053)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-20T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS / 20.10 : NVIDIA graphics drivers vulnerabilities (USN-4689-3)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1052", "CVE-2021-1053"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.10", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-cfg1-418-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-cfg1-440-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-cfg1-450-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-common-418-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-common-440-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-common-450-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-compute-418-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-compute-440-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-compute-450-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-decode-418-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-decode-440-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-decode-450-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-encode-418-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-encode-440-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-encode-450-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-extra-440-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-extra-450-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-fbc1-418-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-fbc1-440-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-fbc1-450-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-gl-418-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-gl-440-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-gl-450-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-ifr1-418-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-ifr1-440-server", "p-cpe:/a:canonical:ubuntu_linux:libnvidia-ifr1-450-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-compute-utils-418-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-compute-utils-440-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-compute-utils-450-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-dkms-418-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-dkms-440-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-dkms-450-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-driver-418-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-driver-440-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-driver-450-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-418-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-440-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-450-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-no-dkms-418-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-no-dkms-440-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-no-dkms-450-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-common-418-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-common-440-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-common-450-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source-418-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source-440-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source-450-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-utils-418-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-utils-440-server", "p-cpe:/a:canonical:ubuntu_linux:nvidia-utils-450-server", "p-cpe:/a:canonical:ubuntu_linux:xserver-xorg-video-nvidia-418-server", "p-cpe:/a:canonical:ubuntu_linux:xserver-xorg-video-nvidia-440-server", "p-cpe:/a:canonical:ubuntu_linux:xserver-xorg-video-nvidia-450-server"], "id": "UBUNTU_USN-4689-3.NASL", "href": "https://www.tenable.com/plugins/nessus/145228", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4689-3. The text\n# itself is copyright (C) Canonical, Inc. See\n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145228);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2021-1052\", \"CVE-2021-1053\");\n script_xref(name:\"USN\", value:\"4689-3\");\n script_xref(name:\"IAVB\", value:\"2021-B-0005\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS / 20.10 : NVIDIA graphics drivers vulnerabilities (USN-4689-3)\");\n script_summary(english:\"Checks the dpkg output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the USN-4689-3 advisory.\n\n - NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode\n layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy\n privileged APIs, which may lead to denial of service, escalation of privileges, and information\n disclosure. (CVE-2021-1052)\n\n - NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode\n layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may\n lead to denial of service. (CVE-2021-1053)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4689-3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1052\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-cfg1-418-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-cfg1-440-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-cfg1-450-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-common-418-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-common-440-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-common-450-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-compute-418-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-compute-440-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-compute-450-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-decode-418-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-decode-440-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-decode-450-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-encode-418-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-encode-440-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-encode-450-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-extra-440-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-extra-450-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-fbc1-418-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-fbc1-440-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-fbc1-450-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-gl-418-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-gl-440-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-gl-450-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-ifr1-418-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-ifr1-440-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnvidia-ifr1-450-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-compute-utils-418-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-compute-utils-440-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-compute-utils-450-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-dkms-418-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-dkms-440-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-dkms-450-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-driver-418-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-driver-440-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-driver-450-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-418-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-440-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-450-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-no-dkms-418-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-no-dkms-440-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-headless-no-dkms-450-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-common-418-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-common-440-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-common-450-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source-418-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source-440-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source-450-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-utils-418-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-utils-440-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-utils-450-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xserver-xorg-video-nvidia-418-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xserver-xorg-video-nvidia-440-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xserver-xorg-video-nvidia-450-server\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021-2023 Canonical, Inc. / NASL script (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04|20\\.04|20\\.10)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04 / 20.10', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\npkgs = [\n {'osver': '18.04', 'pkgname': 'libnvidia-cfg1-418-server', 'pkgver': '418.181.07-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-cfg1-440-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-cfg1-450-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-common-418-server', 'pkgver': '418.181.07-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-common-440-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-common-450-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-compute-418-server', 'pkgver': '418.181.07-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-compute-440-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-compute-450-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-decode-418-server', 'pkgver': '418.181.07-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-decode-440-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-decode-450-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-encode-418-server', 'pkgver': '418.181.07-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-encode-440-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-encode-450-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-extra-440-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-extra-450-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-fbc1-418-server', 'pkgver': '418.181.07-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-fbc1-440-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-fbc1-450-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-gl-418-server', 'pkgver': '418.181.07-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-gl-440-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-gl-450-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-ifr1-418-server', 'pkgver': '418.181.07-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-ifr1-440-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libnvidia-ifr1-450-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-compute-utils-418-server', 'pkgver': '418.181.07-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-compute-utils-440-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-compute-utils-450-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-dkms-418-server', 'pkgver': '418.181.07-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-dkms-440-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-dkms-450-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-driver-418-server', 'pkgver': '418.181.07-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-driver-440-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-driver-450-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-headless-418-server', 'pkgver': '418.181.07-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-headless-440-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-headless-450-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-headless-no-dkms-418-server', 'pkgver': '418.181.07-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-headless-no-dkms-440-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-headless-no-dkms-450-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-kernel-common-418-server', 'pkgver': '418.181.07-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-kernel-common-440-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-kernel-common-450-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-kernel-source-418-server', 'pkgver': '418.181.07-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-kernel-source-440-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-kernel-source-450-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-utils-418-server', 'pkgver': '418.181.07-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-utils-440-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'nvidia-utils-450-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'xserver-xorg-video-nvidia-418-server', 'pkgver': '418.181.07-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'xserver-xorg-video-nvidia-440-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'xserver-xorg-video-nvidia-450-server', 'pkgver': '450.102.04-0ubuntu0.18.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-cfg1-418-server', 'pkgver': '418.181.07-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-cfg1-440-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-cfg1-450-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-common-418-server', 'pkgver': '418.181.07-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-common-440-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-common-450-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-compute-418-server', 'pkgver': '418.181.07-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-compute-440-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-compute-450-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-decode-418-server', 'pkgver': '418.181.07-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-decode-440-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-decode-450-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-encode-418-server', 'pkgver': '418.181.07-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-encode-440-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-encode-450-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-extra-440-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-extra-450-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-fbc1-418-server', 'pkgver': '418.181.07-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-fbc1-440-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-fbc1-450-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-gl-418-server', 'pkgver': '418.181.07-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-gl-440-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-gl-450-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-ifr1-418-server', 'pkgver': '418.181.07-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-ifr1-440-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libnvidia-ifr1-450-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-compute-utils-418-server', 'pkgver': '418.181.07-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-compute-utils-440-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-compute-utils-450-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-dkms-418-server', 'pkgver': '418.181.07-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-dkms-440-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-dkms-450-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-driver-418-server', 'pkgver': '418.181.07-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-driver-440-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-driver-450-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-headless-418-server', 'pkgver': '418.181.07-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-headless-440-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-headless-450-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-headless-no-dkms-418-server', 'pkgver': '418.181.07-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-headless-no-dkms-440-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-headless-no-dkms-450-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-kernel-common-418-server', 'pkgver': '418.181.07-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-kernel-common-440-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-kernel-common-450-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-kernel-source-418-server', 'pkgver': '418.181.07-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-kernel-source-440-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-kernel-source-450-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-utils-418-server', 'pkgver': '418.181.07-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-utils-440-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'nvidia-utils-450-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'xserver-xorg-video-nvidia-418-server', 'pkgver': '418.181.07-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'xserver-xorg-video-nvidia-440-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'xserver-xorg-video-nvidia-450-server', 'pkgver': '450.102.04-0ubuntu0.20.04.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-cfg1-418-server', 'pkgver': '418.181.07-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-cfg1-440-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-cfg1-450-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-common-418-server', 'pkgver': '418.181.07-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-common-440-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-common-450-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-compute-418-server', 'pkgver': '418.181.07-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-compute-440-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-compute-450-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-decode-418-server', 'pkgver': '418.181.07-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-decode-440-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-decode-450-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-encode-418-server', 'pkgver': '418.181.07-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-encode-440-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-encode-450-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-extra-440-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-extra-450-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-fbc1-418-server', 'pkgver': '418.181.07-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-fbc1-440-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-fbc1-450-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-gl-418-server', 'pkgver': '418.181.07-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-gl-440-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-gl-450-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-ifr1-418-server', 'pkgver': '418.181.07-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-ifr1-440-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'libnvidia-ifr1-450-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-compute-utils-418-server', 'pkgver': '418.181.07-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-compute-utils-440-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-compute-utils-450-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-dkms-418-server', 'pkgver': '418.181.07-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-dkms-440-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-dkms-450-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-driver-418-server', 'pkgver': '418.181.07-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-driver-440-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-driver-450-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-headless-418-server', 'pkgver': '418.181.07-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-headless-440-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-headless-450-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-headless-no-dkms-418-server', 'pkgver': '418.181.07-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-headless-no-dkms-440-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-headless-no-dkms-450-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-kernel-common-418-server', 'pkgver': '418.181.07-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-kernel-common-440-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-kernel-common-450-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-kernel-source-418-server', 'pkgver': '418.181.07-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-kernel-source-440-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-kernel-source-450-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-utils-418-server', 'pkgver': '418.181.07-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-utils-440-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'nvidia-utils-450-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'xserver-xorg-video-nvidia-418-server', 'pkgver': '418.181.07-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'xserver-xorg-video-nvidia-440-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'},\n {'osver': '20.10', 'pkgname': 'xserver-xorg-video-nvidia-450-server', 'pkgver': '450.102.04-0ubuntu0.20.10.1'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libnvidia-cfg1-418-server / libnvidia-cfg1-440-server / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:37:11", "description": "The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities:\n\n - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure. (CVE\u20112021\u20111052) \n - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service. (CVE\u20112021\u20111053)\n\nNote that Nessus has not tested for the issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-15T00:00:00", "type": "nessus", "title": "NVIDIA Linux GPU Display (January 2021)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1052", "CVE-2021-1053"], "modified": "2021-08-11T00:00:00", "cpe": ["cpe:/a:nvidia:gpu_driver"], "id": "NVIDIA_UNIX_2021_01.NASL", "href": "https://www.tenable.com/plugins/nessus/145034", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145034);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/11\");\n\n script_cve_id(\"CVE-2021-1052\", \"CVE-2021-1053\");\n script_xref(name:\"IAVB\", value:\"2021-B-0005\");\n\n script_name(english:\"NVIDIA Linux GPU Display (January 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A display driver installed on the remote Linux host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by\nmultiple vulnerabilities:\n\n - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer \n (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged\n APIs, which may lead to denial of service, escalation of privileges, and information disclosure. (CVE\u00e2\u0080\u00912021\u00e2\u0080\u00911052)\n \n - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys)\n handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of \n service. (CVE\u00e2\u0080\u00912021\u00e2\u0080\u00911053)\n\nNote that Nessus has not tested for the issue but has instead relied only on the application's self-reported version \nnumber.\");\n # https://nvidia.custhelp.com/app/answers/detail/a_id/5142\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ce9736e3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the NVIDIA graphics driver in accordance with the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1052\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/15\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:nvidia:gpu_driver\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"nvidia_unix_driver_detect.nbin\");\n script_require_keys(\"NVIDIA_UNIX_Driver/Version\", \"NVIDIA_UNIX_Driver/GPU_Model\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude('vcf_extras_nvidia.inc');\n\nvar app_info = vcf::nvidia_gpu::get_app_info();\n\nif (report_paranoia < 2) \n audit(AUDIT_PARANOID);\n\nvar constraints = [\n {'min_version':'450', 'fixed_version':'450.102.04', 'gpumodel':['geforce', 'nvs','quadro', 'tesla']},\n {'min_version':'460', 'fixed_version':'460.32.03', 'gpumodel':['geforce', 'nvs','quadro', 'tesla']}\n];\n\nvcf::nvidia_gpu::check_version_and_report(\n app_info:app_info, \n constraints:constraints, \n severity:SECURITY_HOLE\n);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-19T14:33:27", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4689-4 advisory.\n\n - NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure. (CVE-2021-1052)\n\n - NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service. (CVE-2021-1053)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-21T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS / 20.10 : Linux kernel update (USN-4689-4)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1052", "CVE-2021-1053"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-134-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-134-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-134-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-64-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-64-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1017-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1019-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1019-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1020-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-40-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-40-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-40-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-40-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-osp1", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04-edge"], "id": "UBUNTU_USN-4689-4.NASL", "href": "https://www.tenable.com/plugins/nessus/145234", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4689-4. The text\n# itself is copyright (C) Canonical, Inc. See\n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145234);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2021-1052\", \"CVE-2021-1053\");\n script_xref(name:\"USN\", value:\"4689-4\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS / 20.10 : Linux kernel update (USN-4689-4)\");\n script_summary(english:\"Checks the dpkg output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the USN-4689-4 advisory.\n\n - NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode\n layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy\n privileged APIs, which may lead to denial of service, escalation of privileges, and information\n disclosure. (CVE-2021-1052)\n\n - NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode\n layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may\n lead to denial of service. (CVE-2021-1053)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4689-4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1052\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-134-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-134-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-134-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-64-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-64-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1017-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1019-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1019-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1020-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-40-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-40-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-40-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-40-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-osp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04-edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021-2023 Canonical, Inc. / NASL script (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04|20\\.04|20\\.10)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04 / 20.10', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n cve_list = make_list('CVE-2021-1052', 'CVE-2021-1053');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-4689-4');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\npkgs = [\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-134-generic', 'pkgver': '4.15.0-134.138'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-134-generic-lpae', 'pkgver': '4.15.0-134.138'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-134-lowlatency', 'pkgver': '4.15.0-134.138'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-64-generic', 'pkgver': '5.4.0-64.72~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-64-generic-lpae', 'pkgver': '5.4.0-64.72~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-64-lowlatency', 'pkgver': '5.4.0-64.72~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic', 'pkgver': '4.15.0.134.121'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-hwe-16.04', 'pkgver': '4.15.0.134.121'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-hwe-16.04-edge', 'pkgver': '4.15.0.134.121'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-hwe-18.04', 'pkgver': '5.4.0.64.72~18.04.59'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-hwe-18.04-edge', 'pkgver': '5.4.0.64.72~18.04.59'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae', 'pkgver': '4.15.0.134.121'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae-hwe-16.04', 'pkgver': '4.15.0.134.121'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae-hwe-16.04-edge', 'pkgver': '4.15.0.134.121'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.64.72~18.04.59'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.64.72~18.04.59'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency', 'pkgver': '4.15.0.134.121'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency-hwe-16.04', 'pkgver': '4.15.0.134.121'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.134.121'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency-hwe-18.04', 'pkgver': '5.4.0.64.72~18.04.59'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.64.72~18.04.59'},\n {'osver': '18.04', 'pkgname': 'linux-image-oem', 'pkgver': '5.4.0.64.72~18.04.59'},\n {'osver': '18.04', 'pkgname': 'linux-image-oem-osp1', 'pkgver': '5.4.0.64.72~18.04.59'},\n {'osver': '18.04', 'pkgname': 'linux-image-snapdragon-hwe-18.04', 'pkgver': '5.4.0.64.72~18.04.59'},\n {'osver': '18.04', 'pkgname': 'linux-image-snapdragon-hwe-18.04-edge', 'pkgver': '5.4.0.64.72~18.04.59'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual', 'pkgver': '4.15.0.134.121'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual-hwe-16.04', 'pkgver': '4.15.0.134.121'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.134.121'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual-hwe-18.04', 'pkgver': '5.4.0.64.72~18.04.59'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.64.72~18.04.59'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-64-generic', 'pkgver': '5.4.0-64.72'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-64-generic-lpae', 'pkgver': '5.4.0-64.72'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-64-lowlatency', 'pkgver': '5.4.0-64.72'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.8.0-40-generic', 'pkgver': '5.8.0-40.45~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.8.0-40-generic-lpae', 'pkgver': '5.8.0-40.45~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.8.0-40-lowlatency', 'pkgver': '5.8.0-40.45~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic', 'pkgver': '5.4.0.64.67'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-hwe-18.04', 'pkgver': '5.4.0.64.67'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-hwe-18.04-edge', 'pkgver': '5.4.0.64.67'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-hwe-20.04', 'pkgver': '5.8.0.40.45~20.04.25'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-hwe-20.04-edge', 'pkgver': '5.8.0.40.45~20.04.25'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae', 'pkgver': '5.4.0.64.67'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.64.67'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.64.67'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae-hwe-20.04', 'pkgver': '5.8.0.40.45~20.04.25'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae-hwe-20.04-edge', 'pkgver': '5.8.0.40.45~20.04.25'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency', 'pkgver': '5.4.0.64.67'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency-hwe-18.04', 'pkgver': '5.4.0.64.67'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.64.67'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency-hwe-20.04', 'pkgver': '5.8.0.40.45~20.04.25'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency-hwe-20.04-edge', 'pkgver': '5.8.0.40.45~20.04.25'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem', 'pkgver': '5.4.0.64.67'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-osp1', 'pkgver': '5.4.0.64.67'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual', 'pkgver': '5.4.0.64.67'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual-hwe-18.04', 'pkgver': '5.4.0.64.67'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.64.67'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual-hwe-20.04', 'pkgver': '5.8.0.40.45~20.04.25'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual-hwe-20.04-edge', 'pkgver': '5.8.0.40.45~20.04.25'},\n {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-1017-oracle', 'pkgver': '5.8.0-1017.18'},\n {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-1019-azure', 'pkgver': '5.8.0-1019.21'},\n {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-1019-gcp', 'pkgver': '5.8.0-1019.20'},\n {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-1020-aws', 'pkgver': '5.8.0-1020.22'},\n {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-40-generic', 'pkgver': '5.8.0-40.45'},\n {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-40-generic-64k', 'pkgver': '5.8.0-40.45'},\n {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-40-generic-lpae', 'pkgver': '5.8.0-40.45'},\n {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-40-lowlatency', 'pkgver': '5.8.0-40.45'},\n {'osver': '20.10', 'pkgname': 'linux-image-aws', 'pkgver': '5.8.0.1020.22'},\n {'osver': '20.10', 'pkgname': 'linux-image-azure', 'pkgver': '5.8.0.1019.19'},\n {'osver': '20.10', 'pkgname': 'linux-image-gcp', 'pkgver': '5.8.0.1019.19'},\n {'osver': '20.10', 'pkgname': 'linux-image-generic', 'pkgver': '5.8.0.40.44'},\n {'osver': '20.10', 'pkgname': 'linux-image-generic-64k', 'pkgver': '5.8.0.40.44'},\n {'osver': '20.10', 'pkgname': 'linux-image-generic-64k-hwe-20.04', 'pkgver': '5.8.0.40.44'},\n {'osver': '20.10', 'pkgname': 'linux-image-generic-64k-hwe-20.04-edge', 'pkgver': '5.8.0.40.44'},\n {'osver': '20.10', 'pkgname': 'linux-image-generic-hwe-20.04', 'pkgver': '5.8.0.40.44'},\n {'osver': '20.10', 'pkgname': 'linux-image-generic-hwe-20.04-edge', 'pkgver': '5.8.0.40.44'},\n {'osver': '20.10', 'pkgname': 'linux-image-generic-lpae', 'pkgver': '5.8.0.40.44'},\n {'osver': '20.10', 'pkgname': 'linux-image-generic-lpae-hwe-20.04', 'pkgver': '5.8.0.40.44'},\n {'osver': '20.10', 'pkgname': 'linux-image-generic-lpae-hwe-20.04-edge', 'pkgver': '5.8.0.40.44'},\n {'osver': '20.10', 'pkgname': 'linux-image-gke', 'pkgver': '5.8.0.1019.19'},\n {'osver': '20.10', 'pkgname': 'linux-image-lowlatency', 'pkgver': '5.8.0.40.44'},\n {'osver': '20.10', 'pkgname': 'linux-image-lowlatency-hwe-20.04', 'pkgver': '5.8.0.40.44'},\n {'osver': '20.10', 'pkgname': 'linux-image-lowlatency-hwe-20.04-edge', 'pkgver': '5.8.0.40.44'},\n {'osver': '20.10', 'pkgname': 'linux-image-oem-20.04', 'pkgver': '5.8.0.40.44'},\n {'osver': '20.10', 'pkgname': 'linux-image-oracle', 'pkgver': '5.8.0.1017.17'},\n {'osver': '20.10', 'pkgname': 'linux-image-virtual', 'pkgver': '5.8.0.40.44'},\n {'osver': '20.10', 'pkgname': 'linux-image-virtual-hwe-20.04', 'pkgver': '5.8.0.40.44'},\n {'osver': '20.10', 'pkgname': 'linux-image-virtual-hwe-20.04-edge', 'pkgver': '5.8.0.40.44'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-image-4.15.0-134-generic / linux-image-4.15.0-134-generic-lpae / etc');\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:43:07", "description": "The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation. Successful exploitation of this vulnerability by an unauthenticated, local attacker may lead to denial of service or information disclosure.\n\nNote that Nessus has not tested for the issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-02-11T00:00:00", "type": "nessus", "title": "NVIDIA Linux GPU Display (January 2021) (CVE-2021-1056)", "bulletinFamily": "scanner", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1056"], "modified": "2021-10-25T00:00:00", "cpe": ["cpe:/a:nvidia:gpu_driver"], "id": "NVIDIA_UNIX_2021_01_CVE-2021-1056.NASL", "href": "https://www.tenable.com/plugins/nessus/146429", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146429);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/25\");\n\n script_cve_id(\"CVE-2021-1056\");\n script_xref(name:\"IAVB\", value:\"2021-B-0005\");\n\n script_name(english:\"NVIDIA Linux GPU Display (January 2021) (CVE-2021-1056)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A display driver installed on the remote Linux host is affected by a denial or service / information disclosure vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by\na vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system\npermissions to provide GPU device-level isolation. Successful exploitation of this vulnerability by an unauthenticated, local attacker \nmay lead to denial of service or information disclosure.\n\nNote that Nessus has not tested for the issue but has instead relied only on the application's self-reported version \nnumber.\");\n # https://nvidia.custhelp.com/app/answers/detail/a_id/5142\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ce9736e3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the NVIDIA graphics driver in accordance with the vendor advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1056\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/11\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:nvidia:gpu_driver\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"nvidia_unix_driver_detect.nbin\");\n script_require_keys(\"NVIDIA_UNIX_Driver/Version\", \"NVIDIA_UNIX_Driver/GPU_Model\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\nif (report_paranoia < 2) \n audit(AUDIT_PARANOID);\n\nversion = get_kb_item_or_exit('NVIDIA_UNIX_Driver/Version');\ngpumodel = get_kb_item_or_exit('NVIDIA_UNIX_Driver/GPU_Model');\ngpumodel = tolower(gpumodel);\n\nfix = '';\n\nif ('geforce' >< gpumodel)\n{\n if (version =~ \"^460\\.\")\n fix = '460.32.03';\n \n if (version =~ \"^450\\.\")\n fix = '450.102.04';\n} \nelse if ('quadro' >< gpumodel || 'nvs' >< gpumodel)\n{\n if (version =~ \"^460\\.\")\n fix = '460.32.03';\n \n if (version =~ \"^450\\.\")\n fix = '450.102.04';\n\n if (version =~ \"^390\\.\")\n fix = '390.141';\n}\nelse if('tesla' >< gpumodel)\n{\n if (version =~ \"^460\\.\")\n fix = '460.32.03';\n \n if (version =~ \"^450\\.\")\n fix = '450.102.04';\n \n if (version =~ \"^418\\.\")\n fix = '418.181.07';\n}\n\nif (empty_or_null(fix))\n audit(AUDIT_HOST_NOT, 'affected');\n\nif (ver_compare(ver:version, fix:fix, strict:FALSE) >= 0)\n audit(AUDIT_INST_VER_NOT_VULN, 'NVIDIA UNIX Driver', version);\n \nreport = '\\n Installed driver version : ' + version +\n '\\n Fixed driver version : ' + fix;\n\nsecurity_report_v4(severity:SECURITY_NOTE, port:0, extra:report);\n \n", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2023-01-10T18:58:26", "description": "The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2888 advisory.\n\n - NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure. (CVE-2021-1056)\n\n - NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys or nvidia.ko) where improper access control may lead to denial of service, information disclosure, or data corruption. (CVE-2021-1076)\n\n - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash. (CVE-2021-1093)\n\n - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an out of bounds array access may lead to denial of service or information disclosure. (CVE-2021-1094)\n\n - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handlers for all control calls with embedded parameters where dereferencing an untrusted pointer may lead to denial of service. (CVE-2021-1095)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-18T00:00:00", "type": "nessus", "title": "Debian DLA-2888-1 : nvidia-graphics-drivers - LTS security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1056", "CVE-2021-1076", "CVE-2021-1093", "CVE-2021-1094", "CVE-2021-1095"], "modified": "2022-01-18T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libcuda1", "p-cpe:/a:debian:debian_linux:libcuda1-i386", "p-cpe:/a:debian:debian_linux:libegl-nvidia0", "p-cpe:/a:debian:debian_linux:libegl1-glvnd-nvidia", "p-cpe:/a:debian:debian_linux:libegl1-nvidia", "p-cpe:/a:debian:debian_linux:libgl1-glvnd-nvidia-glx", "p-cpe:/a:debian:debian_linux:libgl1-nvidia-glvnd-glx", "p-cpe:/a:debian:debian_linux:libgl1-nvidia-glx", "p-cpe:/a:debian:debian_linux:libgles-nvidia1", "p-cpe:/a:debian:debian_linux:libgles-nvidia2", "p-cpe:/a:debian:debian_linux:libgles1-glvnd-nvidia", "p-cpe:/a:debian:debian_linux:libgles1-nvidia", "p-cpe:/a:debian:debian_linux:libgles2-glvnd-nvidia", "p-cpe:/a:debian:debian_linux:libgles2-nvidia", "p-cpe:/a:debian:debian_linux:libglvnd0-nvidia", "p-cpe:/a:debian:debian_linux:libglx-nvidia0", "p-cpe:/a:debian:debian_linux:libglx0-glvnd-nvidia", "p-cpe:/a:debian:debian_linux:libnvcuvid1", "p-cpe:/a:debian:debian_linux:libnvidia-cfg1", "p-cpe:/a:debian:debian_linux:libnvidia-compiler", "p-cpe:/a:debian:debian_linux:libnvidia-eglcore", "p-cpe:/a:debian:debian_linux:libnvidia-encode1", "p-cpe:/a:debian:debian_linux:libnvidia-fatbinaryloader", "p-cpe:/a:debian:debian_linux:libnvidia-fbc1", "p-cpe:/a:debian:debian_linux:libnvidia-glcore", "p-cpe:/a:debian:debian_linux:libnvidia-ifr1", "p-cpe:/a:debian:debian_linux:libnvidia-ml1", "p-cpe:/a:debian:debian_linux:libnvidia-ptxjitcompiler1", "p-cpe:/a:debian:debian_linux:libopengl0-glvnd-nvidia", "p-cpe:/a:debian:debian_linux:nvidia-alternative", "p-cpe:/a:debian:debian_linux:nvidia-cuda-mps", "p-cpe:/a:debian:debian_linux:nvidia-detect", "p-cpe:/a:debian:debian_linux:nvidia-driver", "p-cpe:/a:debian:debian_linux:nvidia-driver-bin", "p-cpe:/a:debian:debian_linux:nvidia-driver-libs", "p-cpe:/a:debian:debian_linux:nvidia-driver-libs-i386", "p-cpe:/a:debian:debian_linux:nvidia-driver-libs-nonglvnd", "p-cpe:/a:debian:debian_linux:nvidia-driver-libs-nonglvnd-i386", "p-cpe:/a:debian:debian_linux:nvidia-egl-common", "p-cpe:/a:debian:debian_linux:nvidia-egl-icd", "p-cpe:/a:debian:debian_linux:nvidia-kernel-dkms", "p-cpe:/a:debian:debian_linux:nvidia-kernel-source", "p-cpe:/a:debian:debian_linux:nvidia-kernel-support", "p-cpe:/a:debian:debian_linux:nvidia-legacy-check", "p-cpe:/a:debian:debian_linux:nvidia-libopencl1", "p-cpe:/a:debian:debian_linux:nvidia-nonglvnd-vulkan-common", "p-cpe:/a:debian:debian_linux:nvidia-nonglvnd-vulkan-icd", "p-cpe:/a:debian:debian_linux:nvidia-opencl-common", "p-cpe:/a:debian:debian_linux:nvidia-opencl-icd", "p-cpe:/a:debian:debian_linux:nvidia-smi", "p-cpe:/a:debian:debian_linux:nvidia-vdpau-driver", "p-cpe:/a:debian:debian_linux:nvidia-vulkan-common", "p-cpe:/a:debian:debian_linux:nvidia-vulkan-icd", "p-cpe:/a:debian:debian_linux:xserver-xorg-video-nvidia", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2888.NASL", "href": "https://www.tenable.com/plugins/nessus/156794", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2888. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156794);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/18\");\n\n script_cve_id(\n \"CVE-2021-1056\",\n \"CVE-2021-1076\",\n \"CVE-2021-1093\",\n \"CVE-2021-1094\",\n \"CVE-2021-1095\"\n );\n\n script_name(english:\"Debian DLA-2888-1 : nvidia-graphics-drivers - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-2888 advisory.\n\n - NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer\n (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU\n device-level isolation, which may lead to denial of service or information disclosure. (CVE-2021-1056)\n\n - NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode\n layer (nvlddmkm.sys or nvidia.ko) where improper access control may lead to denial of service, information\n disclosure, or data corruption. (CVE-2021-1076)\n\n - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver\n contains an assert() or similar statement that can be triggered by an attacker, which leads to an\n application exit or other behavior that is more severe than necessary, and may lead to denial of service\n or system crash. (CVE-2021-1093)\n\n - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer\n (nvlddmkm.sys) handler for DxgkDdiEscape where an out of bounds array access may lead to denial of service\n or information disclosure. (CVE-2021-1094)\n\n - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer\n (nvlddmkm.sys) handlers for all control calls with embedded parameters where dereferencing an untrusted\n pointer may lead to denial of service. (CVE-2021-1095)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987216\");\n # https://security-tracker.debian.org/tracker/source-package/nvidia-graphics-drivers\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f8601151\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-2888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-1056\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-1076\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-1093\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-1094\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-1095\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/nvidia-graphics-drivers\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the nvidia-graphics-drivers packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 390.144-1~deb9u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-1076\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcuda1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcuda1-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libegl-nvidia0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libegl1-glvnd-nvidia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libegl1-nvidia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgl1-glvnd-nvidia-glx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgl1-nvidia-glvnd-glx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgl1-nvidia-glx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgles-nvidia1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgles-nvidia2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgles1-glvnd-nvidia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgles1-nvidia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgles2-glvnd-nvidia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgles2-nvidia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libglvnd0-nvidia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libglx-nvidia0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libglx0-glvnd-nvidia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnvcuvid1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnvidia-cfg1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnvidia-compiler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnvidia-eglcore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnvidia-encode1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnvidia-fatbinaryloader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnvidia-fbc1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnvidia-glcore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnvidia-ifr1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnvidia-ml1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnvidia-ptxjitcompiler1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libopengl0-glvnd-nvidia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-alternative\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-cuda-mps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-detect\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-driver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-driver-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-driver-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-driver-libs-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-driver-libs-nonglvnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-driver-libs-nonglvnd-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-egl-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-egl-icd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-kernel-dkms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-kernel-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-legacy-check\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-libopencl1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-nonglvnd-vulkan-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-nonglvnd-vulkan-icd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-opencl-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-opencl-icd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-smi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-vdpau-driver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-vulkan-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nvidia-vulkan-icd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xserver-xorg-video-nvidia\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'libcuda1', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libcuda1-i386', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libegl-nvidia0', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libegl1-glvnd-nvidia', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libegl1-nvidia', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libgl1-glvnd-nvidia-glx', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libgl1-nvidia-glvnd-glx', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libgl1-nvidia-glx', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libgles-nvidia1', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libgles-nvidia2', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libgles1-glvnd-nvidia', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libgles1-nvidia', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libgles2-glvnd-nvidia', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libgles2-nvidia', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libglvnd0-nvidia', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libglx-nvidia0', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libglx0-glvnd-nvidia', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libnvcuvid1', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libnvidia-cfg1', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libnvidia-compiler', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libnvidia-eglcore', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libnvidia-encode1', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libnvidia-fatbinaryloader', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libnvidia-fbc1', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libnvidia-glcore', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libnvidia-ifr1', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libnvidia-ml1', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libnvidia-ptxjitcompiler1', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'libopengl0-glvnd-nvidia', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-alternative', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-cuda-mps', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-detect', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-driver', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-driver-bin', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-driver-libs', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-driver-libs-i386', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-driver-libs-nonglvnd', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-driver-libs-nonglvnd-i386', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-egl-common', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-egl-icd', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-kernel-dkms', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-kernel-source', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-kernel-support', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-legacy-check', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-libopencl1', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-nonglvnd-vulkan-common', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-nonglvnd-vulkan-icd', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-opencl-common', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-opencl-icd', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-smi', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-vdpau-driver', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-vulkan-common', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'nvidia-vulkan-icd', 'reference': '390.144-1~deb9u1'},\n {'release': '9.0', 'prefix': 'xserver-xorg-video-nvidia', 'reference': '390.144-1~deb9u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libcuda1 / libcuda1-i386 / libegl-nvidia0 / libegl1-glvnd-nvidia / etc');\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "ubuntu": [{"lastseen": "2023-01-26T15:28:39", "description": "## Releases\n\n * Ubuntu 20.10 \n * Ubuntu 20.04 LTS\n * Ubuntu 18.04 LTS\n\n## Packages\n\n * linux \\- Linux kernel\n * linux-aws \\- Linux kernel for Amazon Web Services (AWS) systems\n * linux-aws-5.4 \\- Linux kernel for Amazon Web Services (AWS) systems\n * linux-azure \\- Linux kernel for Microsoft Azure Cloud systems\n * linux-azure-4.15 \\- Linux kernel for Microsoft Azure Cloud systems\n * linux-azure-5.4 \\- Linux kernel for Microsoft Azure cloud systems\n * linux-gcp \\- Linux kernel for Google Cloud Platform (GCP) systems\n * linux-gcp-5.4 \\- Linux kernel for Google Cloud Platform (GCP) systems\n * linux-hwe-5.4 \\- Linux hardware enablement (HWE) kernel\n * linux-hwe-5.8 \\- Linux hardware enablement (HWE) kernel\n * linux-oem-5.6 \\- Linux kernel for OEM systems\n * linux-oracle \\- Linux kernel for Oracle Cloud systems\n * linux-oracle-5.4 \\- Linux kernel for Oracle Cloud systems\n\nUSN-4689-1 fixed vulnerabilities in the NVIDIA graphics drivers. \nThis update provides the corresponding updates for the NVIDIA Linux \nDKMS kernel modules.\n\nOriginal advisory details:\n\nIt was discovered that the NVIDIA GPU display driver for the Linux kernel \ncontained a vulnerability that allowed user-mode clients to access legacy \nprivileged APIs. A local attacker could use this to cause a denial of \nservice or escalate privileges. (CVE-2021-1052)\n\nIt was discovered that the NVIDIA GPU display driver for the Linux kernel \ndid not properly validate a pointer received from userspace in some \nsituations. A local attacker could use this to cause a denial of service. \n(CVE-2021-1053)\n\nXinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux \nkernel did not properly restrict device-level GPU isolation. A local \nattacker could use this to cause a denial of service or possibly expose \nsensitive information. (CVE-2021-1056)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-11T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1052", "CVE-2021-1053", "CVE-2021-1056"], "modified": "2021-01-11T00:00:00", "id": "USN-4689-2", "href": "https://ubuntu.com/security/notices/USN-4689-2", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-26T15:28:44", "description": "## Releases\n\n * Ubuntu 20.10 \n * Ubuntu 20.04 LTS\n * Ubuntu 18.04 LTS\n\n## Packages\n\n * nvidia-graphics-drivers-390 \\- NVIDIA binary X.Org driver\n * nvidia-graphics-drivers-450 \\- NVIDIA binary X.Org driver\n * nvidia-graphics-drivers-460 \\- NVIDIA binary X.Org driver\n\nIt was discovered that the NVIDIA GPU display driver for the Linux kernel \ncontained a vulnerability that allowed user-mode clients to access legacy \nprivileged APIs. A local attacker could use this to cause a denial of \nservice or escalate privileges. (CVE-2021-1052)\n\nIt was discovered that the NVIDIA GPU display driver for the Linux kernel \ndid not properly validate a pointer received from userspace in some \nsituations. A local attacker could use this to cause a denial of service. \n(CVE-2021-1053)\n\nXinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux \nkernel did not properly restrict device-level GPU isolation. A local \nattacker could use this to cause a denial of service or possibly expose \nsensitive information. (CVE-2021-1056)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-11T00:00:00", "type": "ubuntu", "title": "NVIDIA graphics drivers vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1052", "CVE-2021-1053", "CVE-2021-1056"], "modified": "2021-01-11T00:00:00", "id": "USN-4689-1", "href": "https://ubuntu.com/security/notices/USN-4689-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-26T15:28:25", "description": "## Releases\n\n * Ubuntu 20.10 \n * Ubuntu 20.04 LTS\n * Ubuntu 18.04 LTS\n\n## Packages\n\n * nvidia-graphics-drivers-418-server \\- NVIDIA Server Driver\n * nvidia-graphics-drivers-450-server \\- NVIDIA Server Driver\n\nIt was discovered that the NVIDIA GPU display driver for the Linux kernel \ncontained a vulnerability that allowed user-mode clients to access legacy \nprivileged APIs. A local attacker could use this to cause a denial of \nservice or escalate privileges. (CVE-2021-1052)\n\nIt was discovered that the NVIDIA GPU display driver for the Linux kernel \ndid not properly validate a pointer received from userspace in some \nsituations. A local attacker could use this to cause a denial of service. \n(CVE-2021-1053)\n\nXinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux \nkernel did not properly restrict device-level GPU isolation. A local \nattacker could use this to cause a denial of service or possibly expose \nsensitive information. (CVE-2021-1056)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-20T00:00:00", "type": "ubuntu", "title": "NVIDIA graphics drivers vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1052", "CVE-2021-1053", "CVE-2021-1056"], "modified": "2021-01-20T00:00:00", "id": "USN-4689-3", "href": "https://ubuntu.com/security/notices/USN-4689-3", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-26T15:28:12", "description": "## Releases\n\n * Ubuntu 20.10 \n * Ubuntu 20.04 LTS\n * Ubuntu 18.04 LTS\n\n## Packages\n\n * linux \\- Linux kernel\n * linux-aws \\- Linux kernel for Amazon Web Services (AWS) systems\n * linux-azure \\- Linux kernel for Microsoft Azure Cloud systems\n * linux-gcp \\- Linux kernel for Google Cloud Platform (GCP) systems\n * linux-hwe-5.4 \\- Linux hardware enablement (HWE) kernel\n * linux-hwe-5.8 \\- Linux hardware enablement (HWE) kernel\n * linux-oracle \\- Linux kernel for Oracle Cloud systems\n\nUSN-4689-3 fixed vulnerabilities in the NVIDIA server graphics drivers. \nThis update provides the corresponding updates for the NVIDIA Linux \nDKMS kernel modules.\n\nOriginal advisory details:\n\nIt was discovered that the NVIDIA GPU display driver for the Linux kernel \ncontained a vulnerability that allowed user-mode clients to access legacy \nprivileged APIs. A local attacker could use this to cause a denial of \nservice or escalate privileges. (CVE-2021-1052)\n\nIt was discovered that the NVIDIA GPU display driver for the Linux kernel \ndid not properly validate a pointer received from userspace in some \nsituations. A local attacker could use this to cause a denial of service. \n(CVE-2021-1053)\n\nXinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux \nkernel did not properly restrict device-level GPU isolation. A local \nattacker could use this to cause a denial of service or possibly expose \nsensitive information. (CVE-2021-1056)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-21T00:00:00", "type": "ubuntu", "title": "Linux kernel update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1052", "CVE-2021-1053", "CVE-2021-1056"], "modified": "2021-01-21T00:00:00", "id": "USN-4689-4", "href": "https://ubuntu.com/security/notices/USN-4689-4", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2022-03-23T12:44:24", "description": "NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input offset is not validated, which may lead to a buffer overread, which in turn may cause tampering of data, information disclosure, or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-08T15:15:00", "type": "cve", "title": "CVE-2021-1063", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1063"], "modified": "2021-01-11T20:55:00", "cpe": [], "id": "CVE-2021-1063", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1063", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T12:44:23", "description": "NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-01-08T15:15:00", "type": "cve", "title": "CVE-2021-1062", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1062"], "modified": "2021-01-11T20:54:00", "cpe": [], "id": "CVE-2021-1062", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1062", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T12:44:11", "description": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a local user can get elevated privileges to modify display configuration data, which may result in denial of service of the display.", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.4, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.8}, "published": "2021-01-08T01:15:00", "type": "cve", "title": "CVE-2021-1051", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 9.2, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1051"], "modified": "2021-07-23T19:42:00", "cpe": [], "id": "CVE-2021-1051", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1051", "cvss": {"score": 6.6, "vector": "AV:L/AC:L/Au:N/C:N/I:C/A:C"}, "cpe23": []}, {"lastseen": "2022-07-13T16:00:08", "description": "NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not validated, which may lead to unexpected consumption of resources, which in turn may lead to denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-01-08T15:15:00", "type": "cve", "title": "CVE-2021-1066", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1066"], "modified": "2022-07-12T17:42:00", "cpe": [], "id": "CVE-2021-1066", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1066", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": []}, {"lastseen": "2022-07-13T16:00:08", "description": "NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-08T01:15:00", "type": "cve", "title": "CVE-2021-1052", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1052"], "modified": "2022-07-12T17:42:00", "cpe": [], "id": "CVE-2021-1052", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1052", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2022-03-23T12:44:18", "description": "NVIDIA Virtual GPU Manager NVIDIA vGPU manager contains a vulnerability in the vGPU plugin in which it allows guests to allocate some resources for which the guest is not authorized, which may lead to integrity and confidentiality loss, denial of service, or information disclosure. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-08T15:15:00", "type": "cve", "title": "CVE-2021-1057", "cwe": ["CWE-770"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1057"], "modified": "2021-01-11T21:00:00", "cpe": [], "id": "CVE-2021-1057", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1057", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T12:44:16", "description": "NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action, which may lead to denial of service.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-01-08T01:15:00", "type": "cve", "title": "CVE-2021-1054", "cwe": ["CWE-863"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1054"], "modified": "2021-01-14T15:35:00", "cpe": [], "id": "CVE-2021-1054", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1054", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T12:44:13", "description": "NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-01-08T01:15:00", "type": "cve", "title": "CVE-2021-1053", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1053"], "modified": "2021-01-14T15:34:00", "cpe": [], "id": "CVE-2021-1053", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1053", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T12:44:26", "description": "NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-01-08T15:15:00", "type": "cve", "title": "CVE-2021-1065", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1065"], "modified": "2021-01-11T20:56:00", "cpe": [], "id": "CVE-2021-1065", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1065", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:P"}, "cpe23": []}, {"lastseen": "2022-07-13T16:00:08", "description": "NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which improper access control may lead to denial of service and information disclosure.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.4}, "published": "2021-01-08T01:15:00", "type": "cve", "title": "CVE-2021-1055", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1055"], "modified": "2022-07-12T17:42:00", "cpe": [], "id": "CVE-2021-1055", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1055", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2022-03-29T21:06:50", "description": "NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-01-08T01:15:00", "type": "cve", "title": "CVE-2021-1056", "cwe": ["CWE-276"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1056"], "modified": "2022-03-29T18:05:00", "cpe": ["cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2021-1056", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1056", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:44:20", "description": "NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input data size is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-01-08T15:15:00", "type": "cve", "title": "CVE-2021-1058", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1058"], "modified": "2021-01-14T18:12:00", "cpe": [], "id": "CVE-2021-1058", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1058", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T12:44:26", "description": "NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which it obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-01-08T15:15:00", "type": "cve", "title": "CVE-2021-1064", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1064"], "modified": "2021-01-11T20:56:00", "cpe": [], "id": "CVE-2021-1064", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1064", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T12:44:22", "description": "NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which a race condition may cause the vGPU plugin to continue using a previously validated resource that has since changed, which may lead to denial of service or information disclosure. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-01-08T15:15:00", "type": "cve", "title": "CVE-2021-1061", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1061"], "modified": "2021-01-11T20:53:00", "cpe": [], "id": "CVE-2021-1061", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1061", "cvss": {"score": 3.3, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T12:44:20", "description": "NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input index is not validated, which may lead to integer overflow, which in turn may cause tampering of data, information disclosure, or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-08T15:15:00", "type": "cve", "title": "CVE-2021-1059", "cwe": ["CWE-190"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1059"], "modified": "2021-01-11T20:59:00", "cpe": [], "id": "CVE-2021-1059", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1059", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T12:44:22", "description": "NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input index is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-01-08T15:15:00", "type": "cve", "title": "CVE-2021-1060", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1060"], "modified": "2021-01-14T18:22:00", "cpe": [], "id": "CVE-2021-1060", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1060", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:P"}, "cpe23": []}], "debiancve": [{"lastseen": "2023-01-21T22:07:47", "description": "NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-08T01:15:00", "type": "debiancve", "title": "CVE-2021-1052", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1052"], "modified": "2021-01-08T01:15:00", "id": "DEBIANCVE:CVE-2021-1052", "href": "https://security-tracker.debian.org/tracker/CVE-2021-1052", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-21T22:07:47", "description": "NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-01-08T01:15:00", "type": "debiancve", "title": "CVE-2021-1053", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1053"], "modified": "2021-01-08T01:15:00", "id": "DEBIANCVE:CVE-2021-1053", "href": "https://security-tracker.debian.org/tracker/CVE-2021-1053", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-21T22:07:47", "description": "NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-01-08T01:15:00", "type": "debiancve", "title": "CVE-2021-1056", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1056"], "modified": "2021-01-08T01:15:00", "id": "DEBIANCVE:CVE-2021-1056", "href": "https://security-tracker.debian.org/tracker/CVE-2021-1056", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}}], "githubexploit": [{"lastseen": "2022-06-22T03:58:45", "description": "# CVE-2021-1056\n![LICENSE](https://img.shields.io/github/license...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-01-08T11:29:48", "type": "githubexploit", "title": "Exploit for Incorrect Default Permissions in Nvidia Gpu Driver", "bulletinFamily": "exploit", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1056"], "modified": "2022-06-22T02:08:32", "id": "39050851-608A-577F-92C6-C74F6B3F9276", "href": "", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}, "privateArea": 1}], "debian": [{"lastseen": "2023-01-08T20:45:31", "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-2888-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Markus Koschany\nJanuary 18, 2022 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : nvidia-graphics-drivers\nVersion : 390.144-1~deb9u1\nCVE ID : CVE-2021-1056 CVE-2021-1076 CVE-2021-1093 CVE-2021-1094 \n CVE-2021-1095\nDebian Bug : 987216 987217 987218 987219 987220 987221 987222 991351\n 991352 991353 991354 991355 991356 991357 979670 979671\n 979672 979673 979674 979675\n\nMultiple security vulnerabilities have been discovered in the NVIDIA binary\ndriver and libraries that provide optimized hardware acceleration which may\nlead to denial of service, information disclosure or data corruption.\n\nFor Debian 9 stretch, these problems have been fixed in version\n390.144-1~deb9u1.\n\nWe recommend that you upgrade your nvidia-graphics-drivers packages.\n\nFor the detailed security status of nvidia-graphics-drivers please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/nvidia-graphics-drivers\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: This is a digitally signed message part\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-18T20:42:16", "type": "debian", "title": "[SECURITY] [DLA 2888-1] nvidia-graphics-drivers security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1056", "CVE-2021-1076", "CVE-2021-1093", "CVE-2021-1094", "CVE-2021-1095"], "modified": "2022-01-18T20:42:16", "id": "DEBIAN:DLA-2888-1:26FED", "href": "https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "osv": [{"lastseen": "2022-08-05T05:19:19", "description": "\nMultiple security vulnerabilities have been discovered in the NVIDIA binary\ndriver and libraries that provide optimized hardware acceleration which may\nlead to denial of service, information disclosure or data corruption.\n\n\nFor Debian 9 stretch, these problems have been fixed in version\n390.144-1~deb9u1.\n\n\nWe recommend that you upgrade your nvidia-graphics-drivers packages.\n\n\nFor the detailed security status of nvidia-graphics-drivers please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/nvidia-graphics-drivers>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "edition": 1, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-18T00:00:00", "type": "osv", "title": "nvidia-graphics-drivers - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1056", "CVE-2021-1095", "CVE-2021-1076", "CVE-2021-1093", "CVE-2021-1094"], "modified": "2022-08-05T05:19:17", "id": "OSV:DLA-2888-1", "href": "https://osv.dev/vulnerability/DLA-2888-1", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}]}