Advisories » MGASA-2021-0203

Updated nvidia-current packages fix security vulnerabilities

Publication date: 02 May 2021
Modification date: 02 May 2021
Type: security
Affected Mageia releases : 7 , 8
CVE: CVE-2021-1076 , CVE-2021-1077

Description

Updated nvidia-current packages fix security vulnerabilities:

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel
mode layer (nvidia.ko) where improper access control may lead to denial of
service, information disclosure, or data corruption (CVE-2021-1076).

NVIDIA GPU Display Driver for Linux contains a vulnerability where the
software uses a reference count to manage a resource that is incorrectly
updated, which may lead to denial of service (CVE-2021-1077).

This also adds support for the following GPUs: RTX A5000, RTX A4000, T400,
T600, T1000 and support for newer kernels.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=28854
• https://nvidia.custhelp.com/app/answers/detail/a_id/5172
• https://www.nvidia.com/Download/driverResults.aspx/172376/en-us
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1076
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1077

SRPMS

7/core

• ldetect-lst-0.6.9.4-1.mga7

7/nonfree

• nvidia-current-460.73.01-1.mga7.nonfree

8/core

• ldetect-lst-0.6.26.3-1.mga8

8/nonfree

• nvidia-current-460.73.01-1.mga8.nonfree