[QSA-0118213]
NVIDIA graphics drivers vulnerabilities
Qlustar Security Advisory 0118213
January 18th, 2021
Summary:
NVIDIA graphics drivers vulnerabilities
Package(s) : qlustar-module-nvidia-bionic-amd64-11.0.1,
qlustar-module-nvidia-centos7-amd64-11.0.1,
qlustar-module-nvidia-centos8-amd64-11.0.1,
qlustar-module-nvidia-focal-amd64-12.0.0,
qlustar-module-nvidia-centos7-amd64-12.0.0,
qlustar-module-nvidia-centos8-amd64-12.0.0
Qlustar releases : 11.0, 12.0
Affected versions: All versions prior to this update
Vulnerability : privilege escalation/denial of service
Problem type : network
Qlustar-specific : no
CVE Id(s) : CVE-2021-1052, CVE-2021-1053, CVE-2021-1056
Relevant to Qlustar 12.0 and 11.0
It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges.
It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service.
Xinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux kernel did not properly restrict device-level GPU isolation. A local attacker could use this to cause a denial of service or possibly expose sensitive information.
Update instructions:
The problem can be corrected by updating your system to the following or more recent package versions (follow the Qlustar Update Instructions):
For Qlustar 12.0
qlustar-module-nvidia-focal-amd64-12.0.0 12.0.0.1-b528f1339
qlustar-module-nvidia-centos7-amd64-12.0.0 12.0.0.1-b528f1339
qlustar-module-nvidia-centos8-amd64-12.0.0 12.0.0.1-b528f1339
For Qlustar 11.0
qlustar-module-nvidia-bionic-amd64-11.0.1 11.0.1.5-b527f1338
qlustar-module-nvidia-centos7-amd64-11.0.1 11.0.1.5-b527f1340
qlustar-module-nvidia-centos8-amd64-11.0.1 11.0.1.5-b527f1340