Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

Mageia: 2022-0286 Moderate: NVIDIA Driver Input Validation Flaws

mageia
Calendar Grey August 18, 2022
Dist Mageia Esm H88
Recent updates to the nvidia390 packages rectify significant security flaws found in the NVIDIA GPU Driver within Mageia, focusing on critical input validation vulnerabilities.
Updated nvidia390 packages fix security vulnerabilities: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with...

Summary

Updated nvidia390 packages fix security vulnerabilities:
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure (CVE‑2022‑31607).
NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering (CVE‑2022‑31608).
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null- pointer dereference, which may lead to denial of service (CVE‑2022‑31615).
NVIDIA GPU Display Driver for Linux contains a vulnerability in the...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=30723

- https://nvidia.custhelp.com/app/answers/detail/a_id/5383

- https://www.cve.org/CVERecord?id=CVE%E2%80%912022%E2%80%9131607

- https://www.cve.org/CVERecord?id=CVE%E2%80%912022%E2%80%9131608

- https://www.cve.org/CVERecord?id=CVE%E2%80%912022%E2%80%9131615

- https://www.cve.org/CVERecord?id=CVE%E2%80%912022%E2%80%9134665

- https://www.cve.org/CVERecord?id=CVE%E2%80%912022%E2%80%9134666

Topics%20covered

Topics Covered

security advisory denial of service local privilege escalation input validation data tampering NVIDIA driver Mageia

Resolution

SRPMS

- 8/nonfree/nvidia390-390.154-1.mga8.nonfree

Publication date: 18 Aug 2022
URL: https://advisories.mageia.org/MGASA-2022-0286.html
Type: security
CVE: CVE‑2022‑31607, CVE‑2022‑31608, CVE‑2022‑31615, CVE‑2022‑34665, CVE‑2022‑34666

Topics%20covered

Topics Covered

security advisory denial of service local privilege escalation input validation data tampering NVIDIA driver Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here