Updated nvidia390 packages fix security vulnerabilitiesPublication date: 22 May 2022
Affected Mageia releases : 8
CVE: CVE‑2022‑28181 , CVE‑2022‑28185
Updated nvidia390 packages fix security vulnerabilities: NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. The scope of the impact may extend to other components (CVE‑2022‑28181). NVIDIA GPU Display Driver contains a vulnerability in the ECC layer, where an unprivileged regular user can cause an out-of-bounds write, which may lead to denial of service and data tampering (CVE‑2022‑28185). This driver also adds official support for kernel 5.17+ series.