Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
91
security advisoryhigh severitygentooGentoo: GLSA-202412-20 High: NVIDIA Drivers Privilege Escalation
Multiple vulnerabilities have been discovered in NVIDIA Drivers, the worst of which could result in privilege escalation.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202412-20 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: NVIDIA Drivers: Privilege Escalation Date: December 14, 2024 Bugs: #942031 ID: 202412-20 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been discovered in NVIDIA Drivers, the worst of which could result in privilege escalation. Background ========== NVIDIA Drivers are NVIDIA's accelerated graphics driver. Affected packages ================= Package Vulnerable Unaffected -------------------------- ------------ ------------- x11-drivers/nvidia-drivers < 535.216.01 > = 535.216.01 Description =========== A vulnerability has been discovered in NVIDIA Drivers. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifier for details. Workaround ========== There is no known workaround at this time. Resolution ========== All NVIDIA Drivers 535 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =x11-drivers/nvidia-drivers-535.216.01:0/535" All NVIDIA Drivers 550 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =x11-drivers/nvidia-drivers-550.127.05:0/550" References ========== [ 1 ] CVE-2024-0126 https://nvd.nist.gov/vuln/detail/CVE-2024-0126 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202412-20 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to
Dec 14, 2024
Gentoo
172
security advisorydenial of serviceaccess controlUbuntu 20.04 LTS USN-4404-2 High: NVIDIA Kernel Module Threat
Several security issues were fixed in the NVIDIA graphics driver kernel modules.. =========================================================================Ubuntu Security Notice USN-4404-2 June 25, 2020 linux kernel vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 19.10 - Ubuntu 18.04 LTS Summary: Several security issues were fixed in the NVIDIA graphics driver kernel modules. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-aws-5.3: Linux kernel for Amazon Web Services (AWS) systems - linux-azure-5.3: Linux kernel for Microsoft Azure Cloud systems - linux-gcp-5.3: Linux kernel for Google Cloud Platform (GCP) systems - linux-hwe: Linux hardware enablement (HWE) kernel - linux-oem: Linux kernel for OEM systems - linux-oem-osp1: Linux kernel for OEM systems - linux-oracle-5.3: Linux kernel for Oracle Cloud systems Details: USN-4404-1 fixed vulnerabilities in the NVIDIA graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. Original advisory details: Thomas E. Carroll discovered that the NVIDIA Cuda grpahics driver did not properly perform access control when performing IPC. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2020-5963) It was discovered that the UVM driver in the NVIDIA graphics driver contained a race condition. A local attacker could use this to cause a denial of service. (CVE-2020-5967) It was discovered that the NVIDIA virtual GPU guest drivers contained an unspecified vulnerability that could potentially lead to privileged operation execution. An attacker could use this to cause a denial of service. (CVE-2020-5973) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: linux-image-5.4.0-1017-aws 5.4.0-1017.17 linux-image-5.4.0-1018-gcp 5.4.0-1018.18 linux-image-5.4.0-1018-oracle 5.4.0-1018.18 linux-image-5.4.0-1019-azure 5.4.0-1019.19 linux-image-5.4.0-39-generic 5.4.0-39.43 linux-image-5.4.0-39-generic-lpae 5.4.0-39.43 linux-image-5.4.0-39-lowlatency 5.4.0-39.43 linux-image-aws 5.4.0.1017.18 linux-image-azure 5.4.0.1019.18 linux-image-gcp 5.4.0.1018.16 linux-image-generic 5.4.0.39.42 linux-image-generic-hwe-20.04 5.4.0.39.42 linux-image-generic-lpae 5.4.0.39.42 linux-image-generic-lpae-hwe-20.04 5.4.0.39.42 linux-image-gke 5.4.0.1018.16 linux-image-lowlatency 5.4.0.39.42 linux-image-lowlatency-hwe-20.04 5.4.0.39.42 linux-image-oem 5.4.0.39.42 linux-image-oem-osp1 5.4.0.39.42 linux-image-oracle 5.4.0.1018.16 linux-image-virtual 5.4.0.39.42 linux-image-virtual-hwe-20.04 5.4.0.39.42 Ubuntu 19.10: linux-image-5.3.0-1027-oracle 5.3.0-1027.29 linux-image-5.3.0-1028-aws 5.3.0-1028.30 linux-image-5.3.0-1029-gcp 5.3.0-1029.31 linux-image-5.3.0-61-generic 5.3.0-61.55 linux-image-5.3.0-61-generic-lpae 5.3.0-61.55 linux-image-5.3.0-61-lowlatency 5.3.0-61.55 linux-image-5.3.0-61-snapdragon 5.3.0-61.55 linux-image-aws 5.3.0.1028.38 linux-image-gcp 5.3.0.1029.39 linux-image-generic 5.3.0.61.51 linux-image-generic-lpae 5.3.0.61.51 linux-image-gke 5.3.0.1029.39 linux-image-lowlatency 5.3.0.61.51 linux-image-oracle 5.3.0.1027.42 linux-image-snapdragon 5.3.0.61.51 linux-image-virtual 5.3.0.61.51 Ubuntu 18.04 LTS: linux-image-4.15.0-1047-oracle 4.15.0-1047.51 linux-image-4.15.0-1076-aws 4.15.0-1076.80 linux-image-4.15.0-108-generic 4.15.0-108.109 linux-image-4.15.0-108-generic-lpae 4.15.0-108.109 linux-image-4.15.0-108-lowlatency 4.15.0-108.109 linux-image-4.15.0-1090-oem 4.15.0-1090.100 linux-image-5.0.0-1062-oem-osp1 5.0.0-1062.67 linux-image-5.3.0-1027-oracle 5.3.0-1027.29~18.04.1 linux-image-5.3.0-1028-aws 5.3.0-1028.30~18.04.1 linux-image-5.3.0-1029-gcp 5.3.0-1029.31~18.04.1 linux-image-5.3.0-1031-azure 5.3.0-1031.32~18.04.1 linux-image-5.3.0-61-generic 5.3.0-61.55~18.04.1 linux-image-5.3.0-61-generic-lpae 5.3.0-61.55~18.04.1 linux-image-5.3.0-61-lowlatency 5.3.0-61.55~18.04.1 linux-image-aws 5.3.0.1028.26 linux-image-aws-lts-18.04 4.15.0.1076.78 linux-image-azure 5.3.0.1031.27 linux-image-gcp 5.3.0.1029.23 linux-image-generic 4.15.0.108.96 linux-image-generic-hwe-18.04 5.3.0.61.114 linux-image-generic-lpae 4.15.0.108.96 linux-image-generic-lpae-hwe-18.04 5.3.0.61.114 linux-image-gkeop-5.3 5.3.0.61.114 linux-image-lowlatency 4.15.0.108.96 linux-image-lowlatency-hwe-18.04 5.3.0.61.114 linux-image-oem 4.15.0.1090.93 linux-image-oem-osp1 5.0.0.1062.60 linux-image-oracle 5.3.0.1027.24 linux-image-oracle-edge 5.3.0.1027.24 linux-image-oracle-lts-18.04 4.15.0.1047.56 linux-image-powerpc-e500mc 4.15.0.108.96 linux-image-powerpc-smp 4.15.0.108.96 linux-image-powerpc64-emb 4.15.0.108.96 linux-image-powerpc64-smp 4.15.0.108.96 linux-image-snapdragon-hwe-18.04 5.3.0.61.114 linux-image-virtual 4.15.0.108.96 linux-image-virtual-hwe-18.04 5.3.0.61.114 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstallall third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-4404-2 CVE-2020-5963, CVE-2020-5967, CVE-2020-5973 Package Information: https://launchpad.net/ubuntu/+source/linux/5.4.0-39.43 https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1017.17 https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1019.19 https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1018.18 https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1018.18 https://launchpad.net/ubuntu/+source/linux/5.3.0-61.55 https://launchpad.net/ubuntu/+source/linux-aws/5.3.0-1028.30 https://launchpad.net/ubuntu/+source/linux-gcp/5.3.0-1029.31 https://launchpad.net/ubuntu/+source/linux-oracle/5.3.0-1027.29 https://launchpad.net/ubuntu/+source/linux/4.15.0-108.109 https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1076.80 https://launchpad.net/ubuntu/+source/linux-aws-5.3/5.3.0-1028.30~18.04.1 https://launchpad.net/ubuntu/+source/linux-azure-5.3/5.3.0-1031.32~18.04.1 https://launchpad.net/ubuntu/+source/linux-gcp-5.3/5.3.0-1029.31~18.04.1 https://launchpad.net/ubuntu/+source/linux-hwe/5.3.0-61.55~18.04.1 https://launchpad.net/ubuntu/+source/linux-oem/4.15.0-1090.100 https://launchpad.net/ubuntu/+source/linux-oem-osp1/5.0.0-1062.67 https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1047.51 https://launchpad.net/ubuntu/+source/linux-oracle-5.3/5.3.0-1027.29~18.04.1 . Vulnerabilities addressed concerning AMD graphics drivers in Debian-based systems. Urgent patches recommended for all users.. Ubuntu Security, NVIDIA Drivers, Kernel Updates, Access Control Issues, System Vulnerability. . Severity: Important. LinuxSecurity.com Team
Jun 25, 2020
•Important
Ubuntu
98
security advisorymoderatesecurity updateRed Hat: RHSA-2013:0898-01 Moderate: Mesa Heap Overflow
Updated mesa packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...]. ==================================================================== Red Hat Security Advisory Synopsis: Moderate: mesa security update Advisory ID: RHSA-2013:0898-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2013:0898.html Issue date: 2013-06-03 CVE Names: CVE-2013-1993 ==================================================================== 1. Summary: Updated mesa packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: Mesa provides a 3D graphics API that is compatible with Open Graphics Library (OpenGL). It also provides hardware-accelerated drivers for many popular graphics chips. It was found that Mesa did not correctly validate messages from the X server. A malicious X server could cause an application using Mesa to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2013-1993) All users of Mesa are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running applications linked against Mesa must be restarted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This updateis available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 961613 - CVE-2013-1993 Mesa: Multiple integer overflows leading to heap-based bufer overflows 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: i386: glx-utils-6.5.1-7.11.el5_9.i386.rpm mesa-debuginfo-6.5.1-7.11.el5_9.i386.rpm mesa-libGL-6.5.1-7.11.el5_9.i386.rpm mesa-libGLU-6.5.1-7.11.el5_9.i386.rpm mesa-libGLw-6.5.1-7.11.el5_9.i386.rpm mesa-libOSMesa-6.5.1-7.11.el5_9.i386.rpm mesa-source-6.5.1-7.11.el5_9.i386.rpm x86_64: glx-utils-6.5.1-7.11.el5_9.x86_64.rpm mesa-debuginfo-6.5.1-7.11.el5_9.i386.rpm mesa-debuginfo-6.5.1-7.11.el5_9.x86_64.rpm mesa-libGL-6.5.1-7.11.el5_9.i386.rpm mesa-libGL-6.5.1-7.11.el5_9.x86_64.rpm mesa-libGLU-6.5.1-7.11.el5_9.i386.rpm mesa-libGLU-6.5.1-7.11.el5_9.x86_64.rpm mesa-libGLw-6.5.1-7.11.el5_9.i386.rpm mesa-libGLw-6.5.1-7.11.el5_9.x86_64.rpm mesa-libOSMesa-6.5.1-7.11.el5_9.i386.rpm mesa-libOSMesa-6.5.1-7.11.el5_9.x86_64.rpm mesa-source-6.5.1-7.11.el5_9.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: i386: mesa-debuginfo-6.5.1-7.11.el5_9.i386.rpm mesa-libGL-devel-6.5.1-7.11.el5_9.i386.rpm mesa-libGLU-devel-6.5.1-7.11.el5_9.i386.rpm mesa-libGLw-devel-6.5.1-7.11.el5_9.i386.rpm mesa-libOSMesa-devel-6.5.1-7.11.el5_9.i386.rpm x86_64: mesa-debuginfo-6.5.1-7.11.el5_9.i386.rpm mesa-debuginfo-6.5.1-7.11.el5_9.x86_64.rpm mesa-libGL-devel-6.5.1-7.11.el5_9.i386.rpm mesa-libGL-devel-6.5.1-7.11.el5_9.x86_64.rpm mesa-libGLU-devel-6.5.1-7.11.el5_9.i386.rpm mesa-libGLU-devel-6.5.1-7.11.el5_9.x86_64.rpm mesa-libGLw-devel-6.5.1-7.11.el5_9.i386.rpm mesa-libGLw-devel-6.5.1-7.11.el5_9.x86_64.rpm mesa-libOSMesa-devel-6.5.1-7.11.el5_9.i386.rpm mesa-libOSMesa-devel-6.5.1-7.11.el5_9.x86_64.rpm Red Hat Enterprise Linux (v. 5server): Source: i386: glx-utils-6.5.1-7.11.el5_9.i386.rpm mesa-debuginfo-6.5.1-7.11.el5_9.i386.rpm mesa-libGL-6.5.1-7.11.el5_9.i386.rpm mesa-libGL-devel-6.5.1-7.11.el5_9.i386.rpm mesa-libGLU-6.5.1-7.11.el5_9.i386.rpm mesa-libGLU-devel-6.5.1-7.11.el5_9.i386.rpm mesa-libGLw-6.5.1-7.11.el5_9.i386.rpm mesa-libGLw-devel-6.5.1-7.11.el5_9.i386.rpm mesa-libOSMesa-6.5.1-7.11.el5_9.i386.rpm mesa-libOSMesa-devel-6.5.1-7.11.el5_9.i386.rpm mesa-source-6.5.1-7.11.el5_9.i386.rpm ia64: glx-utils-6.5.1-7.11.el5_9.ia64.rpm mesa-debuginfo-6.5.1-7.11.el5_9.i386.rpm mesa-debuginfo-6.5.1-7.11.el5_9.ia64.rpm mesa-libGL-6.5.1-7.11.el5_9.i386.rpm mesa-libGL-6.5.1-7.11.el5_9.ia64.rpm mesa-libGL-devel-6.5.1-7.11.el5_9.ia64.rpm mesa-libGLU-6.5.1-7.11.el5_9.ia64.rpm mesa-libGLU-devel-6.5.1-7.11.el5_9.ia64.rpm mesa-libGLw-6.5.1-7.11.el5_9.ia64.rpm mesa-libGLw-devel-6.5.1-7.11.el5_9.ia64.rpm mesa-libOSMesa-6.5.1-7.11.el5_9.ia64.rpm mesa-libOSMesa-devel-6.5.1-7.11.el5_9.ia64.rpm mesa-source-6.5.1-7.11.el5_9.ia64.rpm ppc: glx-utils-6.5.1-7.11.el5_9.ppc.rpm mesa-debuginfo-6.5.1-7.11.el5_9.ppc.rpm mesa-debuginfo-6.5.1-7.11.el5_9.ppc64.rpm mesa-libGL-6.5.1-7.11.el5_9.ppc.rpm mesa-libGL-6.5.1-7.11.el5_9.ppc64.rpm mesa-libGL-devel-6.5.1-7.11.el5_9.ppc.rpm mesa-libGL-devel-6.5.1-7.11.el5_9.ppc64.rpm mesa-libGLU-6.5.1-7.11.el5_9.ppc.rpm mesa-libGLU-6.5.1-7.11.el5_9.ppc64.rpm mesa-libGLU-devel-6.5.1-7.11.el5_9.ppc.rpm mesa-libGLU-devel-6.5.1-7.11.el5_9.ppc64.rpm mesa-libGLw-6.5.1-7.11.el5_9.ppc.rpm mesa-libGLw-6.5.1-7.11.el5_9.ppc64.rpm mesa-libGLw-devel-6.5.1-7.11.el5_9.ppc.rpm mesa-libGLw-devel-6.5.1-7.11.el5_9.ppc64.rpm mesa-libOSMesa-6.5.1-7.11.el5_9.ppc.rpm mesa-libOSMesa-6.5.1-7.11.el5_9.ppc64.rpm mesa-libOSMesa-devel-6.5.1-7.11.el5_9.ppc.rpm mesa-libOSMesa-devel-6.5.1-7.11.el5_9.ppc64.rpm mesa-source-6.5.1-7.11.el5_9.ppc.rpm s390x: glx-utils-6.5.1-7.11.el5_9.s390x.rpm mesa-debuginfo-6.5.1-7.11.el5_9.s390.rpm mesa-debuginfo-6.5.1-7.11.el5_9.s390x.rpm mesa-libGL-6.5.1-7.11.el5_9.s390.rpm mesa-libGL-6.5.1-7.11.el5_9.s390x.rpm mesa-libGL-devel-6.5.1-7.11.el5_9.s390.rpm mesa-libGL-devel-6.5.1-7.11.el5_9.s390x.rpm mesa-libGLU-6.5.1-7.11.el5_9.s390.rpm mesa-libGLU-6.5.1-7.11.el5_9.s390x.rpm mesa-libGLU-devel-6.5.1-7.11.el5_9.s390.rpm mesa-libGLU-devel-6.5.1-7.11.el5_9.s390x.rpm mesa-libGLw-6.5.1-7.11.el5_9.s390.rpm mesa-libGLw-6.5.1-7.11.el5_9.s390x.rpm mesa-libGLw-devel-6.5.1-7.11.el5_9.s390.rpm mesa-libGLw-devel-6.5.1-7.11.el5_9.s390x.rpm mesa-libOSMesa-6.5.1-7.11.el5_9.s390.rpm mesa-libOSMesa-6.5.1-7.11.el5_9.s390x.rpm mesa-libOSMesa-devel-6.5.1-7.11.el5_9.s390.rpm mesa-libOSMesa-devel-6.5.1-7.11.el5_9.s390x.rpm mesa-source-6.5.1-7.11.el5_9.s390x.rpm x86_64: glx-utils-6.5.1-7.11.el5_9.x86_64.rpm mesa-debuginfo-6.5.1-7.11.el5_9.i386.rpm mesa-debuginfo-6.5.1-7.11.el5_9.x86_64.rpm mesa-libGL-6.5.1-7.11.el5_9.i386.rpm mesa-libGL-6.5.1-7.11.el5_9.x86_64.rpm mesa-libGL-devel-6.5.1-7.11.el5_9.i386.rpm mesa-libGL-devel-6.5.1-7.11.el5_9.x86_64.rpm mesa-libGLU-6.5.1-7.11.el5_9.i386.rpm mesa-libGLU-6.5.1-7.11.el5_9.x86_64.rpm mesa-libGLU-devel-6.5.1-7.11.el5_9.i386.rpm mesa-libGLU-devel-6.5.1-7.11.el5_9.x86_64.rpm mesa-libGLw-6.5.1-7.11.el5_9.i386.rpm mesa-libGLw-6.5.1-7.11.el5_9.x86_64.rpm mesa-libGLw-devel-6.5.1-7.11.el5_9.i386.rpm mesa-libGLw-devel-6.5.1-7.11.el5_9.x86_64.rpm mesa-libOSMesa-6.5.1-7.11.el5_9.i386.rpm mesa-libOSMesa-6.5.1-7.11.el5_9.x86_64.rpm mesa-libOSMesa-devel-6.5.1-7.11.el5_9.i386.rpm mesa-libOSMesa-devel-6.5.1-7.11.el5_9.x86_64.rpm mesa-source-6.5.1-7.11.el5_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2013-1993 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2013 Red Hat, Inc. . Mesa security patch released for Red Hat Enterprise Linux 5, tackling several moderate vulnerabilities..Red Hat Enterprise,Mesa Security,Moderate Advisory,Buffer Overflow,Graphics API. . LinuxSecurity.com Team
Jun 03, 2013
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!