Vulnerability Details CVE-2021-1056
NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.059
EPSS Ranking 90.2%
CVSS Severity
CVSS v3 Score 7.1
CVSS v2 Score 3.6
References
- https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html
- https://nvidia.custhelp.com/app/answers/detail/a_id/5142
- https://security.gentoo.org/glsa/202310-02
- https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html
- https://nvidia.custhelp.com/app/answers/detail/a_id/5142
- https://security.gentoo.org/glsa/202310-02
Products affected by CVE-2021-1056
-
cpe:2.3:a:nvidia:gpu_driver:390
-
cpe:2.3:a:nvidia:gpu_driver:450
-
cpe:2.3:a:nvidia:gpu_driver:460
-
cpe:2.3:o:debian:debian_linux:9.0
-
cpe:2.3:o:linux:linux_kernel:-