Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Mageia MGASA-2022-0286 Urgent Fix for NVIDIA Graphics Driver Vulnerability

mageia
Calendar Grey August 18, 2022
Dist Mageia Esm H88
The latest updates for nvidia-current packages mitigate security vulnerabilities that pose risks of data breaches and denial of service in Mageia Linux systems.
Updated nvidia-current packages fix security vulnerabilities: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user...

Summary

Updated nvidia-current packages fix security vulnerabilities:
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure (CVE‑2022‑31607).
NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering (CVE‑2022‑31608).
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null- pointer dereference, which may lead to denial of service (CVE‑2022‑31615).
NVIDIA GPU Display Driver for Linux contains a vulnerability i...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=30722

- https://nvidia.custhelp.com/app/answers/detail/a_id/5383

- https://www.cve.org/CVERecord?id=CVE%E2%80%912022%E2%80%9131607

- https://www.cve.org/CVERecord?id=CVE%E2%80%912022%E2%80%9131608

- https://www.cve.org/CVERecord?id=CVE%E2%80%912022%E2%80%9131615

- https://www.cve.org/CVERecord?id=CVE%E2%80%912022%E2%80%9134665

- https://www.cve.org/CVERecord?id=CVE%E2%80%912022%E2%80%9134666

Topics%20covered

Topics Covered

security advisory denial of service critical software update input validation Mageia NVIDIA Driver

Resolution

SRPMS

- 8/core/ldetect-lst-0.6.26.13-1.mga8

- 8/nonfree/nvidia-current-470.141.03-1.mga8.nonfree

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 18 Aug 2022
URL: https://advisories.mageia.org/MGASA-2022-0285.html
Type: security
CVE: CVE‑2022‑31607, CVE‑2022‑31608, CVE‑2022‑31615, CVE‑2022‑34665, CVE‑2022‑34666

Topics%20covered

Topics Covered

security advisory denial of service critical software update input validation Mageia NVIDIA Driver

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here