Canonical published today new Linux kernel and NVIDIA graphics drivers updates to address several security vulnerabilities affecting all supported Ubuntu releases.
Three security vulnerabilities are affecting the NVIDIA graphics drivers in Ubuntu 20.10 (Groovy Gorilla), Ubuntu 20.04 LTS (Focal Fossa), and Ubuntu 18.04 LTS (Bionic Beaver) operating system series that could allow local attackers to cause a denial of service or escalate privileges.
These include CVE-2021-1052, a vulnerability allowing user-mode clients to access legacy privileged APIs, which could allow a local attacker to cause a denial of service or escalate his/her privileges, CVE-2021-1053, an issue where the graphics driver failed to validate a pointer received from userspace, which could allow a local attacker to cause a denial of service, and CVE-2021-1056, a flaw discovered by Xinyuan Lyu where the graphics driver failed to restrict device-level GPU isolation, allowing a local attacker to cause a denial of service or expose sensitive information.
All users are urged to update their NVIDIA graphics drivers as soon as possible to the new versions available in the stable software repositories. The 460.32.03, 450.102.04, and 390.141 versions are available for Ubuntu 20.10, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS, and are based on the latest NVIDIA display driver upstream release that also includes various other bug fixes and improvements.
In addition to updating the NVIDIA graphics drivers, users will also have to update their Linux kernel packages to linux-image 5.8.0-36.40 on Ubuntu 20.10, linux-image 5.8.0-36.40~20.04.1 on Ubuntu 18.04 LTS, as well as linux-image 5.4.0-60.67~18.04.1 on Ubuntu 18.04 LTS. These provide corresponding updates for the NVIDIA Linux DKMS kernel modules.
To update your installations, run the
sudo apt update && sudo apt full-upgrade command in the Terminal app or use the Software Updater utility. After installing the new NVIDIA graphics drivers and Linux kernel packages, you must reboot your computer to make all the necessary changes.
Last updated 2 weeks ago