Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 784596 (CVE‑2021‑1076, CVE‑2021‑1077) - <x11-drivers/nvidia-drivers-{390.143,450.119.03,460.73.01,465.24.02}: multiple vulnerabilities (CVE‑2021‑{1076,1077)
Summary: <x11-drivers/nvidia-drivers-{390.143,450.119.03,460.73.01,465.24.02}: multipl...
Status: RESOLVED FIXED
Alias: CVE‑2021‑1076, CVE‑2021‑1077
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://nvidia.custhelp.com/app/answe...
Whiteboard: A3 [glsa+]
Keywords: PullRequest
Depends on:
Blocks:
 
Reported: 2021-04-20 23:36 UTC by Ionen Wolkens
Modified: 2023-10-03 15:21 UTC (History)
3 users (show)

See Also:
Package list:
x11-drivers/nvidia-drivers-390.143-r1 * x11-drivers/nvidia-drivers-450.119.03 * x11-drivers/nvidia-drivers-460.84 *
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Ionen Wolkens gentoo-dev 2021-04-20 23:36:41 UTC 
CVE‑2021‑1076:

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys/nvidia.ko) where improper access control may lead to denial of service, information disclosure, or data corruption.

CVE‑2021‑1077:

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where the software uses a reference count to manage a resource that is incorrectly updated, which may lead to denial of service.

Affected versions: <{390.143,450.119.03,460.73.01,465.24.02}
Comment 1 Larry the Git Cow gentoo-dev 2021-04-21 12:22:24 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c382ff188444523f57de90e29bbad7e61d86b589

commit c382ff188444523f57de90e29bbad7e61d86b589
Author:     Ionen Wolkens <sudinave@gmail.com>
AuthorDate: 2021-04-21 12:20:07 +0000
Commit:     David Seifert <soap@gentoo.org>
CommitDate: 2021-04-21 12:20:07 +0000

    x11-drivers/nvidia-drivers: security bump to 465.24.02
    
    CVE‑2021‑1076 (bug #784596)
    
    Bug: https://bugs.gentoo.org/784596
    Signed-off-by: Ionen Wolkens <sudinave@gmail.com>
    Signed-off-by: David Seifert <soap@gentoo.org>

 x11-drivers/nvidia-drivers/Manifest                |   7 +
 .../nvidia-drivers/nvidia-drivers-465.24.02.ebuild | 409 +++++++++++++++++++++
 2 files changed, 416 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1a87d9c56e071af0d4960863fb3add1d56e362b6

commit 1a87d9c56e071af0d4960863fb3add1d56e362b6
Author:     Ionen Wolkens <sudinave@gmail.com>
AuthorDate: 2021-04-21 12:20:04 +0000
Commit:     David Seifert <soap@gentoo.org>
CommitDate: 2021-04-21 12:20:04 +0000

    x11-drivers/nvidia-drivers: security bump to 460.73.01
    
    CVE‑2021‑1076, CVE‑2021‑1077 (bug #784596)
    
    Bug: https://bugs.gentoo.org/784596
    Signed-off-by: Ionen Wolkens <sudinave@gmail.com>
    Signed-off-by: David Seifert <soap@gentoo.org>

 x11-drivers/nvidia-drivers/Manifest                |   7 +
 .../nvidia-drivers/nvidia-drivers-460.73.01.ebuild | 408 +++++++++++++++++++++
 2 files changed, 415 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9c0f9c8f93f672250fbed874c32b368eae1f8485

commit 9c0f9c8f93f672250fbed874c32b368eae1f8485
Author:     Ionen Wolkens <sudinave@gmail.com>
AuthorDate: 2021-04-21 12:20:01 +0000
Commit:     David Seifert <soap@gentoo.org>
CommitDate: 2021-04-21 12:20:01 +0000

    x11-drivers/nvidia-drivers: security bump to 450.119.03
    
    - CVE‑2021‑1076, CVE‑2021‑1077 (bug #784596)
    - Adds compatibility for kernel 5.11.x
    
    - CONFIG_PM check now needed as changes requiring it were
      backported from 460.67 (bug #778920)
    
    Bug: https://bugs.gentoo.org/778920
    Bug: https://bugs.gentoo.org/784596
    Signed-off-by: Ionen Wolkens <sudinave@gmail.com>
    Signed-off-by: David Seifert <soap@gentoo.org>

 x11-drivers/nvidia-drivers/Manifest                |   7 +
 .../nvidia-drivers-450.119.03.ebuild               | 409 +++++++++++++++++++++
 2 files changed, 416 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=318a22f6a277bd58a0bc6697d18e457a79a845df

commit 318a22f6a277bd58a0bc6697d18e457a79a845df
Author:     Ionen Wolkens <sudinave@gmail.com>
AuthorDate: 2021-04-21 12:19:58 +0000
Commit:     David Seifert <soap@gentoo.org>
CommitDate: 2021-04-21 12:19:58 +0000

    x11-drivers/nvidia-drivers: security bump to 390.143
    
    - CVE‑2021‑1076 (bug #784596)
    - Adds compatibility for kernel 5.11.x
    
    Bug: https://bugs.gentoo.org/784596
    Signed-off-by: Ionen Wolkens <sudinave@gmail.com>
    Signed-off-by: David Seifert <soap@gentoo.org>

 x11-drivers/nvidia-drivers/Manifest                |   7 +
 .../nvidia-drivers/nvidia-drivers-390.143.ebuild   | 383 +++++++++++++++++++++
 2 files changed, 390 insertions(+)
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-04-21 12:45:09 UTC 
Thank you! Please proceed with stabilization when ready.
Comment 3 NATTkA bot gentoo-dev 2021-04-25 08:52:23 UTC Comment hidden (obsolete)
Comment 4 NATTkA bot gentoo-dev 2021-04-25 09:12:26 UTC Comment hidden (obsolete)
Comment 5 Larry the Git Cow gentoo-dev 2021-07-20 01:23:43 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=467fe797a50aba4412535e616bc29b022b9049b5

commit 467fe797a50aba4412535e616bc29b022b9049b5
Author:     Ionen Wolkens <ionen@gentoo.org>
AuthorDate: 2021-07-19 18:23:35 +0000
Commit:     Ionen Wolkens <ionen@gentoo.org>
CommitDate: 2021-07-20 01:20:38 +0000

    x11-drivers/nvidia-drivers: stabilize 460.84 for amd64
    
    Bug: https://bugs.gentoo.org/784596
    Signed-off-by: Ionen Wolkens <ionen@gentoo.org>

 x11-drivers/nvidia-drivers/nvidia-drivers-460.84.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=85a97c2b84a21c8747ce3edc1a2e942ce2296f10

commit 85a97c2b84a21c8747ce3edc1a2e942ce2296f10
Author:     Ionen Wolkens <ionen@gentoo.org>
AuthorDate: 2021-07-19 18:22:34 +0000
Commit:     Ionen Wolkens <ionen@gentoo.org>
CommitDate: 2021-07-20 01:20:30 +0000

    x11-drivers/nvidia-drivers: stabilize 450.119.03 for amd64
    
    Bug: https://bugs.gentoo.org/784596
    Signed-off-by: Ionen Wolkens <ionen@gentoo.org>

 x11-drivers/nvidia-drivers/nvidia-drivers-450.119.03.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=deb705e782a493c48b052227560e5ad6b4807cb2

commit deb705e782a493c48b052227560e5ad6b4807cb2
Author:     Ionen Wolkens <ionen@gentoo.org>
AuthorDate: 2021-07-19 18:13:30 +0000
Commit:     Ionen Wolkens <ionen@gentoo.org>
CommitDate: 2021-07-20 01:20:05 +0000

    x11-drivers/nvidia-drivers: stabilize 390.143-r1 for amd64, x86
    
    Bug: https://bugs.gentoo.org/784596
    Signed-off-by: Ionen Wolkens <ionen@gentoo.org>

 x11-drivers/nvidia-drivers/nvidia-drivers-390.143-r1.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 6 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-07-20 04:23:24 UTC 
Thanks, please cleanup!
Comment 7 Larry the Git Cow gentoo-dev 2021-07-21 19:44:42 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=093f2896c6a6bf45c913d31493cdb89ce57ee957

commit 093f2896c6a6bf45c913d31493cdb89ce57ee957
Author:     Ionen Wolkens <ionen@gentoo.org>
AuthorDate: 2021-07-20 03:27:35 +0000
Commit:     Ionen Wolkens <ionen@gentoo.org>
CommitDate: 2021-07-21 19:42:49 +0000

    x11-drivers/nvidia-drivers: drop vuln 390.141-r2, 450.102.04-r1
    
    Partial security cleanup, 460.67 will be kept for at least two weeks.
    
    Bug: https://bugs.gentoo.org/784596
    Signed-off-by: Ionen Wolkens <ionen@gentoo.org>

 x11-drivers/nvidia-drivers/Manifest                |  14 -
 .../nvidia-drivers-390.141-r2.ebuild               | 388 --------------------
 .../nvidia-drivers-450.102.04-r1.ebuild            | 404 ---------------------
 3 files changed, 806 deletions(-)
Comment 8 NATTkA bot gentoo-dev 2021-07-22 15:12:26 UTC Comment hidden (obsolete)
Comment 9 Larry the Git Cow gentoo-dev 2021-08-02 16:33:17 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cc451b780d39b6333b134b95658439e60436c3f3

commit cc451b780d39b6333b134b95658439e60436c3f3
Author:     Ionen Wolkens <ionen@gentoo.org>
AuthorDate: 2021-08-02 16:17:12 +0000
Commit:     Ionen Wolkens <ionen@gentoo.org>
CommitDate: 2021-08-02 16:20:59 +0000

    x11-drivers/nvidia-drivers: drop vulnerable 460.67
    
    Bug: https://bugs.gentoo.org/784596
    Signed-off-by: Ionen Wolkens <ionen@gentoo.org>

 x11-drivers/nvidia-drivers/Manifest                |   7 -
 .../nvidia-drivers/nvidia-drivers-460.67.ebuild    | 410 ---------------------
 2 files changed, 417 deletions(-)
Comment 10 NATTkA bot gentoo-dev 2021-08-02 16:36:30 UTC 
Unable to check for sanity:

> no match for package: x11-drivers/nvidia-drivers-390.143-r1
Comment 11 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-05-31 04:17:46 UTC 
GLSA request filed
Comment 12 Larry the Git Cow gentoo-dev 2023-10-03 12:47:17 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=e0200868c5e75eb57e7355dc8786db0f79271aa3

commit e0200868c5e75eb57e7355dc8786db0f79271aa3
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2023-10-03 12:45:00 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2023-10-03 12:47:03 +0000

    [ GLSA 202310-02 ] NVIDIA Drivers: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/764512
    Bug: https://bugs.gentoo.org/784596
    Bug: https://bugs.gentoo.org/803389
    Bug: https://bugs.gentoo.org/832867
    Bug: https://bugs.gentoo.org/845063
    Bug: https://bugs.gentoo.org/866527
    Bug: https://bugs.gentoo.org/881341
    Bug: https://bugs.gentoo.org/884045
    Bug: https://bugs.gentoo.org/903614
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202310-02.xml | 131 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 131 insertions(+)