Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 764512 (CVE-2021-1052, CVE-2021-1053, CVE-2021-1056) - <x11-drivers/nvidia-drivers-{390.141, 450.102.04, 460.39}: multiple vulnerabilities (CVE-2021-{1052,1053,1056})
Summary: <x11-drivers/nvidia-drivers-{390.141, 450.102.04, 460.39}: multiple vulnerabi...
Status: RESOLVED FIXED
Alias: CVE-2021-1052, CVE-2021-1053, CVE-2021-1056
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal with 1 vote (vote)
Assignee: Gentoo Security
URL: https://nvidia.custhelp.com/app/answe...
Whiteboard: A3 [glsa+]
Keywords:
Depends on:
Blocks:
 
Reported: 2021-01-08 20:18 UTC by John Helmert III
Modified: 2023-10-03 15:20 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-01-08 20:18:55 UTC
CVE-2021-1052:

NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure.

CVE-2021-1053:

NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service.

CVE-2021-1056:

NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.


So, branches 450 and 460 will get a fix the week of January 18th for Tesla devices, but the currently released fixed versions for other devices are 390.141, 450.102.04, and 460.32.03.
Comment 1 nvaert1986 2021-01-25 11:09:19 UTC
Is there any indication when nvidia-drivers-460.32.03 will be added to portage due to the security bugs?
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-01-27 02:03:39 UTC
Ping, looks like everything has been bumped upstream.
Comment 3 Ionen Wolkens gentoo-dev 2021-01-27 02:24:10 UTC
Been testing 460.39 and I don't readily see any issues with it, if anything it has some important fixes on top of everything else and may be a good candidate for the next stable when we get there.
Comment 4 Alexander Bezrukov 2021-01-27 07:56:32 UTC
I am running 390.141 with kernel 5.10.10-alb (with a minimum patch which fixes a long-standing (for years) bug with broken ddc communications), so far everything seems ok.
Comment 5 Alexander Bezrukov 2021-01-27 07:57:26 UTC
(In reply to Alexander Bezrukov from comment #4)
> I am running 390.141 with kernel 5.10.10-alb (with a minimum patch which
> fixes a long-standing (for years) bug with broken ddc communications), so
> far everything seems ok.

Sorry, typo, the kernel is vanilla 5.10.10.
Comment 6 Larry the Git Cow gentoo-dev 2021-02-08 08:58:33 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eac4960f316903a54acbf5ad0226b0ea2f06610c

commit eac4960f316903a54acbf5ad0226b0ea2f06610c
Author:     David Seifert <soap@gentoo.org>
AuthorDate: 2021-02-08 08:57:22 +0000
Commit:     David Seifert <soap@gentoo.org>
CommitDate: 2021-02-08 08:57:22 +0000

    x11-drivers/nvidia-drivers: Version bump to 460.39
    
    Bug: https://bugs.gentoo.org/764512
    Package-Manager: Portage-3.0.14, Repoman-3.0.2
    Signed-off-by: David Seifert <soap@gentoo.org>

 x11-drivers/nvidia-drivers/Manifest                |   2 +
 .../nvidia-drivers/nvidia-drivers-460.39.ebuild    | 578 +++++++++++++++++++++
 2 files changed, 580 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7bd4a386e620ffc386a0ea0edb895985459d921c

commit 7bd4a386e620ffc386a0ea0edb895985459d921c
Author:     David Seifert <soap@gentoo.org>
AuthorDate: 2021-02-08 08:57:16 +0000
Commit:     David Seifert <soap@gentoo.org>
CommitDate: 2021-02-08 08:57:16 +0000

    x11-drivers/nvidia-drivers: Version bump to 450.102.04
    
    Bug: https://bugs.gentoo.org/764512
    Package-Manager: Portage-3.0.14, Repoman-3.0.2
    Signed-off-by: David Seifert <soap@gentoo.org>

 x11-drivers/nvidia-drivers/Manifest                |   3 +
 .../nvidia-drivers-450.102.04.ebuild               | 578 +++++++++++++++++++++
 2 files changed, 581 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9ec1f2d8486971cfb13e6ae5faa9874e35819377

commit 9ec1f2d8486971cfb13e6ae5faa9874e35819377
Author:     David Seifert <soap@gentoo.org>
AuthorDate: 2021-02-08 08:57:10 +0000
Commit:     David Seifert <soap@gentoo.org>
CommitDate: 2021-02-08 08:57:10 +0000

    x11-drivers/nvidia-drivers: Version bump to 390.141
    
    Bug: https://bugs.gentoo.org/764512
    Closes: https://bugs.gentoo.org/767349
    Package-Manager: Portage-3.0.14, Repoman-3.0.2
    Signed-off-by: David Seifert <soap@gentoo.org>

 x11-drivers/nvidia-drivers/Manifest                |   6 +
 .../nvidia-drivers/nvidia-drivers-390.141.ebuild   | 591 +++++++++++++++++++++
 2 files changed, 597 insertions(+)
Comment 7 Larry the Git Cow gentoo-dev 2021-02-14 14:22:33 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5a1d1797777b3a3caebd1f8887e74c314626312b

commit 5a1d1797777b3a3caebd1f8887e74c314626312b
Author:     David Seifert <soap@gentoo.org>
AuthorDate: 2021-02-14 14:22:18 +0000
Commit:     David Seifert <soap@gentoo.org>
CommitDate: 2021-02-14 14:22:18 +0000

    x11-drivers/nvidia-drivers: Remove old 460
    
    Bug: https://bugs.gentoo.org/764512
    Package-Manager: Portage-3.0.14, Repoman-3.0.2
    Signed-off-by: David Seifert <soap@gentoo.org>

 x11-drivers/nvidia-drivers/Manifest                |   3 -
 x11-drivers/nvidia-drivers/metadata.xml            |   2 -
 .../nvidia-drivers/nvidia-drivers-460.27.04.ebuild | 578 ---------------------
 3 files changed, 583 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0bb7ee9562316f7a481e9882f214629b1c0576fc

commit 0bb7ee9562316f7a481e9882f214629b1c0576fc
Author:     David Seifert <soap@gentoo.org>
AuthorDate: 2021-02-14 14:22:15 +0000
Commit:     David Seifert <soap@gentoo.org>
CommitDate: 2021-02-14 14:22:15 +0000

    x11-drivers/nvidia-drivers: Remove old 455
    
    Bug: https://bugs.gentoo.org/764512
    Package-Manager: Portage-3.0.14, Repoman-3.0.2
    Signed-off-by: David Seifert <soap@gentoo.org>

 x11-drivers/nvidia-drivers/Manifest                |   3 -
 .../nvidia-drivers-455.45.01-r1.ebuild             | 579 ---------------------
 2 files changed, 582 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d8e168227387c1287079529dea73729bd90ed384

commit d8e168227387c1287079529dea73729bd90ed384
Author:     David Seifert <soap@gentoo.org>
AuthorDate: 2021-02-14 14:22:12 +0000
Commit:     David Seifert <soap@gentoo.org>
CommitDate: 2021-02-14 14:22:12 +0000

    x11-drivers/nvidia-drivers: Remove old 450
    
    Bug: https://bugs.gentoo.org/764512
    Package-Manager: Portage-3.0.14, Repoman-3.0.2
    Signed-off-by: David Seifert <soap@gentoo.org>

 x11-drivers/nvidia-drivers/Manifest                |   3 -
 .../nvidia-drivers-450.80.02-r1.ebuild             | 578 ---------------------
 2 files changed, 581 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f4a0b0e6360ae91c20819e9aea2024cef84df9dc

commit f4a0b0e6360ae91c20819e9aea2024cef84df9dc
Author:     David Seifert <soap@gentoo.org>
AuthorDate: 2021-02-14 14:22:09 +0000
Commit:     David Seifert <soap@gentoo.org>
CommitDate: 2021-02-14 14:22:09 +0000

    x11-drivers/nvidia-drivers: Remove old 440
    
    Bug: https://bugs.gentoo.org/764512
    Package-Manager: Portage-3.0.14, Repoman-3.0.2
    Signed-off-by: David Seifert <soap@gentoo.org>

 x11-drivers/nvidia-drivers/Manifest                |   3 -
 .../nvidia-drivers-440.100-r3.ebuild               | 575 ---------------------
 2 files changed, 578 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8f5d2e1f6d18219ae2b1fab0df40724b95d163ee

commit 8f5d2e1f6d18219ae2b1fab0df40724b95d163ee
Author:     David Seifert <soap@gentoo.org>
AuthorDate: 2021-02-14 14:22:06 +0000
Commit:     David Seifert <soap@gentoo.org>
CommitDate: 2021-02-14 14:22:06 +0000

    x11-drivers/nvidia-drivers: Remove old 435
    
    Bug: https://bugs.gentoo.org/764512
    Package-Manager: Portage-3.0.14, Repoman-3.0.2
    Signed-off-by: David Seifert <soap@gentoo.org>

 x11-drivers/nvidia-drivers/Manifest                |   3 -
 .../nvidia-drivers/nvidia-drivers-435.21-r7.ebuild | 572 ---------------------
 2 files changed, 575 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=10520b988206a8bdaccc01061c47a9f2c72239b0

commit 10520b988206a8bdaccc01061c47a9f2c72239b0
Author:     David Seifert <soap@gentoo.org>
AuthorDate: 2021-02-14 14:22:03 +0000
Commit:     David Seifert <soap@gentoo.org>
CommitDate: 2021-02-14 14:22:03 +0000

    x11-drivers/nvidia-drivers: Remove old 390
    
    Bug: https://bugs.gentoo.org/764512
    Package-Manager: Portage-3.0.14, Repoman-3.0.2
    Signed-off-by: David Seifert <soap@gentoo.org>

 x11-drivers/nvidia-drivers/Manifest                |   6 -
 .../nvidia-drivers-390.138-r5.ebuild               | 591 ---------------------
 2 files changed, 597 deletions(-)
Comment 8 Alex Belits 2021-02-16 11:05:06 UTC
440.100 is the latest driver that is not affected by a bug that causes kernel NULL pointer dereference (see https://forums.developer.nvidia.com/t/bug-report-455-23-04-kernel-panic-due-to-null-pointer-dereference/155506/166 ).

It may be that 418.181.07 is the only fixed version prior to that bug (see https://nvidia.custhelp.com/app/answers/detail/a_id/5142 ) that supports current hardware.

Neither is now available in repository.

There is also a problem with CUDA support -- downgrading to 390.x or 418.x would mean that only CUDA up to version 9 is supported.
Comment 9 Ionen Wolkens gentoo-dev 2021-03-22 03:06:45 UTC
(In reply to Alex Belits from comment #8)
> 440.100 is the latest driver that is not affected by a bug that causes
> kernel NULL pointer dereference
This issue is generally reported to be fixed in current drivers, some reports say 460.39 is fine and there were many reports on nvidia forums that 460.56 is.

440.100 will not be brought back
Comment 10 NATTkA bot gentoo-dev 2021-07-29 17:24:42 UTC Comment hidden (obsolete)
Comment 11 NATTkA bot gentoo-dev 2021-07-29 17:33:13 UTC Comment hidden (obsolete)
Comment 12 NATTkA bot gentoo-dev 2021-07-29 17:41:04 UTC Comment hidden (obsolete)
Comment 13 NATTkA bot gentoo-dev 2021-07-29 17:49:14 UTC Comment hidden (obsolete)
Comment 14 NATTkA bot gentoo-dev 2021-07-29 18:05:10 UTC Comment hidden (obsolete)
Comment 15 NATTkA bot gentoo-dev 2021-07-29 18:13:28 UTC
Package list is empty or all packages have requested keywords.
Comment 16 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-05-31 04:17:53 UTC
GLSA request filed
Comment 17 Larry the Git Cow gentoo-dev 2023-10-03 12:47:16 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=e0200868c5e75eb57e7355dc8786db0f79271aa3

commit e0200868c5e75eb57e7355dc8786db0f79271aa3
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2023-10-03 12:45:00 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2023-10-03 12:47:03 +0000

    [ GLSA 202310-02 ] NVIDIA Drivers: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/764512
    Bug: https://bugs.gentoo.org/784596
    Bug: https://bugs.gentoo.org/803389
    Bug: https://bugs.gentoo.org/832867
    Bug: https://bugs.gentoo.org/845063
    Bug: https://bugs.gentoo.org/866527
    Bug: https://bugs.gentoo.org/881341
    Bug: https://bugs.gentoo.org/884045
    Bug: https://bugs.gentoo.org/903614
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202310-02.xml | 131 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 131 insertions(+)