CVE-2021-1093

NameCVE-2021-1093
DescriptionNVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-2888-1
Debian Bugs991351, 991352, 991353, 991354, 991355, 991356, 991357

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
nvidia-graphics-drivers (PTS)bullseye/non-free470.256.02-2fixed
bookworm/non-free-firmware535.183.01-1~deb12u1fixed
sid/non-free-firmware, trixie/non-free-firmware535.216.01-1fixed
nvidia-graphics-drivers-legacy-340xx (PTS)sid/non-free340.108-23vulnerable
nvidia-graphics-drivers-legacy-390xx (PTS)bullseye/non-free390.157-1~deb11u1fixed
sid/non-free390.157-9fixed
nvidia-graphics-drivers-tesla-418 (PTS)bullseye/non-free418.226.00-6~deb11u2fixed
sid/non-free418.226.00-16fixed
nvidia-graphics-drivers-tesla-450 (PTS)bullseye/non-free450.248.02-7~deb11u1fixed
sid/non-free450.248.02-8fixed
nvidia-graphics-drivers-tesla-460 (PTS)bullseye/non-free460.106.00-17~deb11u1fixed
sid/non-free460.106.00-18fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
nvidia-graphics-driverssourcestretch390.144-1~deb9u1DLA-2888-1
nvidia-graphics-driverssourcebuster418.211.00-1
nvidia-graphics-driverssource(unstable)460.91.03-1991351
nvidia-graphics-drivers-legacy-340xxsource(unstable)(unfixed)991352
nvidia-graphics-drivers-legacy-390xxsourcebuster390.144-1~deb10u1
nvidia-graphics-drivers-legacy-390xxsource(unstable)390.144-1991353
nvidia-graphics-drivers-tesla-418source(unstable)418.211.00-1991354
nvidia-graphics-drivers-tesla-440source(unstable)(unfixed)991355
nvidia-graphics-drivers-tesla-450source(unstable)450.142.00-1991356
nvidia-graphics-drivers-tesla-460source(unstable)460.91.03-1991357

Notes

[buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia anymore)
[stretch] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia anymore)
https://nvidia.custhelp.com/app/answers/detail/a_id/5211
Search for package or bug name: Reporting problems