Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-1093 (GCVE-0-2021-1093)
Vulnerability from cvelistv5 – Published: 2021-07-22 00:00 – Updated: 2024-08-03 15:55- denial of service
| URL | Tags |
|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_… | |
| https://lists.debian.org/debian-lts-announce/2022… | mailing-list |
| https://security.gentoo.org/glsa/202310-02 | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | NVIDIA GPU Display Driver |
Affected:
All GPU Driver versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:55:18.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211"
},
{
"name": "[debian-lts-announce] 20220118 [SECURITY] [DLA 2888-1] nvidia-graphics-drivers security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html"
},
{
"name": "GLSA-202310-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA GPU Display Driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All GPU Driver versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-03T14:07:22.495Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211"
},
{
"name": "[debian-lts-announce] 20220118 [SECURITY] [DLA 2888-1] nvidia-graphics-drivers security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html"
},
{
"name": "GLSA-202310-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-02"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-1093",
"datePublished": "2021-07-22T00:00:00.000Z",
"dateReserved": "2020-11-12T00:00:00.000Z",
"dateUpdated": "2024-08-03T15:55:18.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-1093",
"date": "2026-07-03",
"epss": "0.00374",
"percentile": "0.29364"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-1093\",\"sourceIdentifier\":\"psirt@nvidia.com\",\"published\":\"2021-07-22T05:15:07.937\",\"lastModified\":\"2024-11-21T05:43:35.013\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.\"},{\"lang\":\"es\",\"value\":\"Un controlador de pantalla de la GPU NVIDIA para Windows y Linux, contiene una vulnerabilidad en el firmware en la que el controlador contiene una sentencia assert() o similar que puede ser desencadenada por un atacante, que conlleva a una salida de la aplicaci\u00f3n u otro comportamiento m\u00e1s grave de lo necesario, y puede conllevar a una denegaci\u00f3n de servicio o un bloqueo del sistema\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@nvidia.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.2,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.5,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":4.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-404\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"418.197.02\",\"versionEndExcluding\":\"418.211.00\",\"matchCriteriaId\":\"39769B85-EDB6-4649-A86F-F72277F235A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*\",\"versionStartIncluding\":\"427.33\",\"versionEndExcluding\":\"427.48\",\"matchCriteriaId\":\"A5A345DF-457A-4B7E-A4E9-4D29FB4C9722\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"450.119.03\",\"versionEndExcluding\":\"450.142.00\",\"matchCriteriaId\":\"2DD69970-A1EE-46FE-B674-0E22AD11D467\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*\",\"versionStartIncluding\":\"452.96\",\"versionEndExcluding\":\"453.10\",\"matchCriteriaId\":\"650D9B87-1AFB-4462-A8D5-E993D8ECDACA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"460.73.01\",\"versionEndExcluding\":\"460.91.03\",\"matchCriteriaId\":\"52B5FD01-4AED-4915-B8C2-38233865ED86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*\",\"versionStartIncluding\":\"462.31\",\"versionEndExcluding\":\"462.96\",\"matchCriteriaId\":\"018F843B-EFA3-4E49-A269-168221A205CA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}],\"references\":[{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html\",\"source\":\"psirt@nvidia.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://nvidia.custhelp.com/app/answers/detail/a_id/5211\",\"source\":\"psirt@nvidia.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202310-02\",\"source\":\"psirt@nvidia.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://nvidia.custhelp.com/app/answers/detail/a_id/5211\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202310-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
{
"CVSS 2.0": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, NVIDIA Corp.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "9 (Debian GNU/Linux), 10 (Debian GNU/Linux), 11 (Debian GNU/Linux), \u043e\u0442 418.197.02 \u0434\u043e 418.211.00 (Nvidia-graphics-drivers), \u043e\u0442 427.33 \u0434\u043e 427.48 (Nvidia-graphics-drivers), \u043e\u0442 450.119.03 \u0434\u043e 450.142.00 (Nvidia-graphics-drivers), \u043e\u0442 452.96 \u0434\u043e 453.10 (Nvidia-graphics-drivers), \u043e\u0442 460.73.01 \u0434\u043e 460.91.03 (Nvidia-graphics-drivers), \u043e\u0442 462.31 \u0434\u043e 462.96 (Nvidia-graphics-drivers)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f NVIDIA GPU Display Driver:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://nvidia.custhelp.com/app/answers/detail/a_id/5211\n\n\u0414\u043b\u044f Debian:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://security-tracker.debian.org/tracker/CVE-2021-1093",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "22.07.2021",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "11.04.2022",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "11.04.2022",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-02046",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-1093",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Nvidia-graphics-drivers",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 NVIDIA GPU Display Driver, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043f\u0440\u0438 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0430\u044f \u0437\u0430\u0447\u0438\u0441\u0442\u043a\u0430 \u0438\u043b\u0438 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 (CWE-404)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 NVIDIA GPU Display Driver \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043f\u0440\u0438 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://nvd.nist.gov/vuln/detail/CVE-2021-1093\nhttps://nvidia.custhelp.com/app/answers/detail/a_id/5211\nhttps://security-tracker.debian.org/tracker/CVE-2021-1093",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-404",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,9)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}
FKIE_CVE-2021-1093
Vulnerability from fkie_nvd - Published: 2021-07-22 05:15 - Updated: 2026-06-17 03:305.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
| URL | Tags | ||
|---|---|---|---|
| psirt@nvidia.com | https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html | Mailing List, Third Party Advisory | |
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5211 | Patch, Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5211 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| debian | debian_linux | 9.0 |
{
"affected": [
{
"affectedData": [
{
"product": "NVIDIA GPU Display Driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All GPU Driver versions"
}
]
}
],
"source": "psirt@nvidia.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "39769B85-EDB6-4649-A86F-F72277F235A1",
"versionEndExcluding": "418.211.00",
"versionStartIncluding": "418.197.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "A5A345DF-457A-4B7E-A4E9-4D29FB4C9722",
"versionEndExcluding": "427.48",
"versionStartIncluding": "427.33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "2DD69970-A1EE-46FE-B674-0E22AD11D467",
"versionEndExcluding": "450.142.00",
"versionStartIncluding": "450.119.03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "650D9B87-1AFB-4462-A8D5-E993D8ECDACA",
"versionEndExcluding": "453.10",
"versionStartIncluding": "452.96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "52B5FD01-4AED-4915-B8C2-38233865ED86",
"versionEndExcluding": "460.91.03",
"versionStartIncluding": "460.73.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "018F843B-EFA3-4E49-A269-168221A205CA",
"versionEndExcluding": "462.96",
"versionStartIncluding": "462.31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash."
},
{
"lang": "es",
"value": "Un controlador de pantalla de la GPU NVIDIA para Windows y Linux, contiene una vulnerabilidad en el firmware en la que el controlador contiene una sentencia assert() o similar que puede ser desencadenada por un atacante, que conlleva a una salida de la aplicaci\u00f3n u otro comportamiento m\u00e1s grave de lo necesario, y puede conllevar a una denegaci\u00f3n de servicio o un bloqueo del sistema"
}
],
"id": "CVE-2021-1093",
"lastModified": "2026-06-17T03:30:56.867",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-22T05:15:07.937",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html"
},
{
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211"
},
{
"source": "psirt@nvidia.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-02"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-404"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-9Q77-P3X6-935C
Vulnerability from github – Published: 2022-05-24 19:09 – Updated: 2022-05-24 19:09NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.
{
"affected": [],
"aliases": [
"CVE-2021-1093"
],
"database_specific": {
"cwe_ids": [
"CWE-404"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-22T05:15:00Z",
"severity": "MODERATE"
},
"details": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.",
"id": "GHSA-9q77-p3x6-935c",
"modified": "2022-05-24T19:09:02Z",
"published": "2022-05-24T19:09:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1093"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202310-02"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2021-1093
Vulnerability from gsd - Updated: 2023-12-13 01:23{
"GSD": {
"alias": "CVE-2021-1093",
"description": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.",
"id": "GSD-2021-1093",
"references": [
"https://ubuntu.com/security/CVE-2021-1093",
"https://security.archlinux.org/CVE-2021-1093"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-1093"
],
"details": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.",
"id": "GSD-2021-1093",
"modified": "2023-12-13T01:23:23.023313Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-1093",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA GPU Display Driver",
"version": {
"version_data": [
{
"version_value": "All GPU Driver versions"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211"
},
{
"name": "[debian-lts-announce] 20220118 [SECURITY] [DLA 2888-1] nvidia-graphics-drivers security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html"
},
{
"name": "GLSA-202310-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202310-02"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"cpe_name": [],
"versionEndExcluding": "427.48",
"versionStartIncluding": "427.33",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"cpe_name": [],
"versionEndExcluding": "453.10",
"versionStartIncluding": "452.96",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"cpe_name": [],
"versionEndExcluding": "462.96",
"versionStartIncluding": "462.31",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"cpe_name": [],
"versionEndExcluding": "418.211.00",
"versionStartIncluding": "418.197.02",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"cpe_name": [],
"versionEndExcluding": "450.142.00",
"versionStartIncluding": "450.119.03",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"cpe_name": [],
"versionEndExcluding": "460.91.03",
"versionStartIncluding": "460.73.01",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-1093"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-404"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211"
},
{
"name": "[debian-lts-announce] 20220118 [SECURITY] [DLA 2888-1] nvidia-graphics-drivers security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html"
},
{
"name": "GLSA-202310-02",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-02"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2023-10-13T01:43Z",
"publishedDate": "2021-07-22T05:15Z"
}
}
}
WID-SEC-W-2023-2533
Vulnerability from csaf_certbund - Published: 2021-07-20 22:00 - Updated: 2023-10-03 22:00In Nvidia GPU Display Treibern existieren mehrere Schwachstellen. Diese beruhen auf unsicherem laden von DLL's, Speicher-Begrenzungsfehlern, Fehlern bei verarbeiten von Hard-Links, Assertions Fehlern, unsicheren- und Null-Zeiger Dereferenzierungen. Ein lokaler Angreifer kann kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Code zur Ausführung zu bringen, seine Rechte zu erweitern und Informationen offenzulegen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/o:lenovo:lenovo_computer:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Nvidia Treiber
Nvidia
|
cpe:/a:nvidia:display_driver:-
|
— | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— |
In Nvidia GPU Display Treibern existieren mehrere Schwachstellen. Diese beruhen auf unsicherem laden von DLL's, Speicher-Begrenzungsfehlern, Fehlern bei verarbeiten von Hard-Links, Assertions Fehlern, unsicheren- und Null-Zeiger Dereferenzierungen. Ein lokaler Angreifer kann kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Code zur Ausführung zu bringen, seine Rechte zu erweitern und Informationen offenzulegen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/o:lenovo:lenovo_computer:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Nvidia Treiber
Nvidia
|
cpe:/a:nvidia:display_driver:-
|
— | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— |
In Nvidia GPU Display Treibern existieren mehrere Schwachstellen. Diese beruhen auf unsicherem laden von DLL's, Speicher-Begrenzungsfehlern, Fehlern bei verarbeiten von Hard-Links, Assertions Fehlern, unsicheren- und Null-Zeiger Dereferenzierungen. Ein lokaler Angreifer kann kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Code zur Ausführung zu bringen, seine Rechte zu erweitern und Informationen offenzulegen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/o:lenovo:lenovo_computer:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Nvidia Treiber
Nvidia
|
cpe:/a:nvidia:display_driver:-
|
— | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— |
In Nvidia GPU Display Treibern existieren mehrere Schwachstellen. Diese beruhen auf unsicherem laden von DLL's, Speicher-Begrenzungsfehlern, Fehlern bei verarbeiten von Hard-Links, Assertions Fehlern, unsicheren- und Null-Zeiger Dereferenzierungen. Ein lokaler Angreifer kann kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Code zur Ausführung zu bringen, seine Rechte zu erweitern und Informationen offenzulegen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/o:lenovo:lenovo_computer:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Nvidia Treiber
Nvidia
|
cpe:/a:nvidia:display_driver:-
|
— | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— |
In Nvidia GPU Display Treibern existieren mehrere Schwachstellen. Diese beruhen auf unsicherem laden von DLL's, Speicher-Begrenzungsfehlern, Fehlern bei verarbeiten von Hard-Links, Assertions Fehlern, unsicheren- und Null-Zeiger Dereferenzierungen. Ein lokaler Angreifer kann kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Code zur Ausführung zu bringen, seine Rechte zu erweitern und Informationen offenzulegen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/o:lenovo:lenovo_computer:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Nvidia Treiber
Nvidia
|
cpe:/a:nvidia:display_driver:-
|
— | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— |
In Nvidia GPU Display Treibern existieren mehrere Schwachstellen. Diese beruhen auf unsicherem laden von DLL's, Speicher-Begrenzungsfehlern, Fehlern bei verarbeiten von Hard-Links, Assertions Fehlern, unsicheren- und Null-Zeiger Dereferenzierungen. Ein lokaler Angreifer kann kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Code zur Ausführung zu bringen, seine Rechte zu erweitern und Informationen offenzulegen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/o:lenovo:lenovo_computer:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Nvidia Treiber
Nvidia
|
cpe:/a:nvidia:display_driver:-
|
— | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— |
In Nvidia GPU Display Treibern existieren mehrere Schwachstellen. Diese beruhen auf unsicherem laden von DLL's, Speicher-Begrenzungsfehlern, Fehlern bei verarbeiten von Hard-Links, Assertions Fehlern, unsicheren- und Null-Zeiger Dereferenzierungen. Ein lokaler Angreifer kann kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Code zur Ausführung zu bringen, seine Rechte zu erweitern und Informationen offenzulegen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/o:lenovo:lenovo_computer:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Nvidia Treiber
Nvidia
|
cpe:/a:nvidia:display_driver:-
|
— | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— |
In Nvidia GPU Display Treibern existieren mehrere Schwachstellen. Diese beruhen auf unsicherem laden von DLL's, Speicher-Begrenzungsfehlern, Fehlern bei verarbeiten von Hard-Links, Assertions Fehlern, unsicheren- und Null-Zeiger Dereferenzierungen. Ein lokaler Angreifer kann kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Code zur Ausführung zu bringen, seine Rechte zu erweitern und Informationen offenzulegen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/o:lenovo:lenovo_computer:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Nvidia Treiber
Nvidia
|
cpe:/a:nvidia:display_driver:-
|
— | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— |
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "NVidia ist ein Hersteller von Grafikkarten.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Nvidia GPU Display Treibern ausnutzen, um einen Denial of Service zu verursachen, Code zur Ausf\u00fchrung zu bringen, seine Rechte zu erweitern und Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2533 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2023-2533.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2533 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2533"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202310-02 vom 2023-10-03",
"url": "https://security.gentoo.org/glsa/202310-02"
},
{
"category": "external",
"summary": "NVIDIA GPU Display Driver Security Bulletin vom 2021-07-20",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211"
},
{
"category": "external",
"summary": "Arch Linux Security Advisory ASA-202107-58 vom 2021-07-22",
"url": "https://security.archlinux.org/ASA-202107-58"
},
{
"category": "external",
"summary": "Lenovo Security Advisory LEN-65136 vom 2021-08-10",
"url": "https://support.lenovo.com/us/en/product_security/LEN-65136"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-2888 vom 2022-01-18",
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html"
},
{
"category": "external",
"summary": "EMC Security Advisory DSA-2021-183 vom 2022-01-28",
"url": "https://www.dell.com/support/kbdoc/de-de/000191499/dsa-2021-183-dell-client-platform-security-update-security-advisory-for-nvidia-gpu-display-driver-vulnerabilities"
}
],
"source_lang": "en-US",
"title": "Nvidia GPU Display Treiber: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-10-03T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:59:19.204+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2533",
"initial_release_date": "2021-07-20T22:00:00.000+00:00",
"revision_history": [
{
"date": "2021-07-20T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2021-07-21T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Arch Linux aufgenommen"
},
{
"date": "2021-08-10T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von LENOVO aufgenommen"
},
{
"date": "2022-01-18T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2022-01-27T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von EMC aufgenommen"
},
{
"date": "2023-10-03T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Gentoo aufgenommen"
}
],
"status": "final",
"version": "6"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Dell Computer",
"product": {
"name": "Dell Computer",
"product_id": "T006498",
"product_identification_helper": {
"cpe": "cpe:/o:dell:dell_computer:-"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "Lenovo Computer",
"product": {
"name": "Lenovo Computer",
"product_id": "T006520",
"product_identification_helper": {
"cpe": "cpe:/o:lenovo:lenovo_computer:-"
}
}
}
],
"category": "vendor",
"name": "Lenovo"
},
{
"branches": [
{
"category": "product_name",
"name": "Nvidia Treiber",
"product": {
"name": "Nvidia Treiber",
"product_id": "T000168",
"product_identification_helper": {
"cpe": "cpe:/a:nvidia:display_driver:-"
}
}
}
],
"category": "vendor",
"name": "Nvidia"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Arch Linux",
"product": {
"name": "Open Source Arch Linux",
"product_id": "T013312",
"product_identification_helper": {
"cpe": "cpe:/o:archlinux:archlinux:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-1089",
"notes": [
{
"category": "description",
"text": "In Nvidia GPU Display Treibern existieren mehrere Schwachstellen. Diese beruhen auf unsicherem laden von DLL\u0027s, Speicher-Begrenzungsfehlern, Fehlern bei verarbeiten von Hard-Links, Assertions Fehlern, unsicheren- und Null-Zeiger Dereferenzierungen. Ein lokaler Angreifer kann kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Code zur Ausf\u00fchrung zu bringen, seine Rechte zu erweitern und Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T006498",
"T006520",
"2951",
"T000168",
"T013312",
"T012167"
]
},
"release_date": "2021-07-20T22:00:00.000+00:00",
"title": "CVE-2021-1089"
},
{
"cve": "CVE-2021-1090",
"notes": [
{
"category": "description",
"text": "In Nvidia GPU Display Treibern existieren mehrere Schwachstellen. Diese beruhen auf unsicherem laden von DLL\u0027s, Speicher-Begrenzungsfehlern, Fehlern bei verarbeiten von Hard-Links, Assertions Fehlern, unsicheren- und Null-Zeiger Dereferenzierungen. Ein lokaler Angreifer kann kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Code zur Ausf\u00fchrung zu bringen, seine Rechte zu erweitern und Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T006498",
"T006520",
"2951",
"T000168",
"T013312",
"T012167"
]
},
"release_date": "2021-07-20T22:00:00.000+00:00",
"title": "CVE-2021-1090"
},
{
"cve": "CVE-2021-1091",
"notes": [
{
"category": "description",
"text": "In Nvidia GPU Display Treibern existieren mehrere Schwachstellen. Diese beruhen auf unsicherem laden von DLL\u0027s, Speicher-Begrenzungsfehlern, Fehlern bei verarbeiten von Hard-Links, Assertions Fehlern, unsicheren- und Null-Zeiger Dereferenzierungen. Ein lokaler Angreifer kann kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Code zur Ausf\u00fchrung zu bringen, seine Rechte zu erweitern und Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T006498",
"T006520",
"2951",
"T000168",
"T013312",
"T012167"
]
},
"release_date": "2021-07-20T22:00:00.000+00:00",
"title": "CVE-2021-1091"
},
{
"cve": "CVE-2021-1092",
"notes": [
{
"category": "description",
"text": "In Nvidia GPU Display Treibern existieren mehrere Schwachstellen. Diese beruhen auf unsicherem laden von DLL\u0027s, Speicher-Begrenzungsfehlern, Fehlern bei verarbeiten von Hard-Links, Assertions Fehlern, unsicheren- und Null-Zeiger Dereferenzierungen. Ein lokaler Angreifer kann kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Code zur Ausf\u00fchrung zu bringen, seine Rechte zu erweitern und Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T006498",
"T006520",
"2951",
"T000168",
"T013312",
"T012167"
]
},
"release_date": "2021-07-20T22:00:00.000+00:00",
"title": "CVE-2021-1092"
},
{
"cve": "CVE-2021-1093",
"notes": [
{
"category": "description",
"text": "In Nvidia GPU Display Treibern existieren mehrere Schwachstellen. Diese beruhen auf unsicherem laden von DLL\u0027s, Speicher-Begrenzungsfehlern, Fehlern bei verarbeiten von Hard-Links, Assertions Fehlern, unsicheren- und Null-Zeiger Dereferenzierungen. Ein lokaler Angreifer kann kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Code zur Ausf\u00fchrung zu bringen, seine Rechte zu erweitern und Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T006498",
"T006520",
"2951",
"T000168",
"T013312",
"T012167"
]
},
"release_date": "2021-07-20T22:00:00.000+00:00",
"title": "CVE-2021-1093"
},
{
"cve": "CVE-2021-1094",
"notes": [
{
"category": "description",
"text": "In Nvidia GPU Display Treibern existieren mehrere Schwachstellen. Diese beruhen auf unsicherem laden von DLL\u0027s, Speicher-Begrenzungsfehlern, Fehlern bei verarbeiten von Hard-Links, Assertions Fehlern, unsicheren- und Null-Zeiger Dereferenzierungen. Ein lokaler Angreifer kann kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Code zur Ausf\u00fchrung zu bringen, seine Rechte zu erweitern und Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T006498",
"T006520",
"2951",
"T000168",
"T013312",
"T012167"
]
},
"release_date": "2021-07-20T22:00:00.000+00:00",
"title": "CVE-2021-1094"
},
{
"cve": "CVE-2021-1095",
"notes": [
{
"category": "description",
"text": "In Nvidia GPU Display Treibern existieren mehrere Schwachstellen. Diese beruhen auf unsicherem laden von DLL\u0027s, Speicher-Begrenzungsfehlern, Fehlern bei verarbeiten von Hard-Links, Assertions Fehlern, unsicheren- und Null-Zeiger Dereferenzierungen. Ein lokaler Angreifer kann kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Code zur Ausf\u00fchrung zu bringen, seine Rechte zu erweitern und Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T006498",
"T006520",
"2951",
"T000168",
"T013312",
"T012167"
]
},
"release_date": "2021-07-20T22:00:00.000+00:00",
"title": "CVE-2021-1095"
},
{
"cve": "CVE-2021-1096",
"notes": [
{
"category": "description",
"text": "In Nvidia GPU Display Treibern existieren mehrere Schwachstellen. Diese beruhen auf unsicherem laden von DLL\u0027s, Speicher-Begrenzungsfehlern, Fehlern bei verarbeiten von Hard-Links, Assertions Fehlern, unsicheren- und Null-Zeiger Dereferenzierungen. Ein lokaler Angreifer kann kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Code zur Ausf\u00fchrung zu bringen, seine Rechte zu erweitern und Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T006498",
"T006520",
"2951",
"T000168",
"T013312",
"T012167"
]
},
"release_date": "2021-07-20T22:00:00.000+00:00",
"title": "CVE-2021-1096"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.