CVE-2021-1056

CVSS v3.1 7.1 (High)

CVSS v2.0 3.6 (Low)

EPSS 0.04 % (13^th)

Affected Products 3

Advisories 4

NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.

Weaknesses

CWE-276: Incorrect Default Permissions

CVE Status: PUBLISHED
CNA: NVIDIA Corporation
Published Date: 2021-01-08 01:15:14
(3 years ago)
Updated Date: 2023-10-13 01:34:52
(11 months ago)

Affected Products

Configuration #1

AND

		CPE23	From	Up To
OR
	Nvidia Gpu Driver from 390 version and prior 390.141 version	cpe:2.3:a:nvidia:gpu_driver	>= 390	< 390.141
OR
	Running on/with
	Nvidia Gpu Driver from 450 version and prior 450.102.04 version	cpe:2.3:a:nvidia:gpu_driver	>= 450	< 450.102.04
OR
	Running on/with
	Nvidia Gpu Driver from 460 version and prior 460.32.03 version	cpe:2.3:a:nvidia:gpu_driver	>= 460	< 460.32.03
OR
	Running on/with
	Linux Kernel	cpe:2.3:o:linux:linux_kernel:-

Configuration #2

		CPE23	From	Up To
	Debian Linux 9.0	cpe:2.3:o:debian:debian_linux:9.0

Weaknesses

Affected Products

Debian

Linux

Nvidia

Configuration #1

Configuration #2