CVE-2021-1093

NameCVE-2021-1093
DescriptionNVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-2888-1
Debian Bugs991351, 991352, 991353, 991354, 991355, 991356, 991357

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
nvidia-graphics-drivers (PTS)stretch/non-free390.138-1vulnerable
stretch/non-free (security)390.144-1~deb9u1fixed
buster/non-free418.211.00-1fixed
bullseye/non-free460.91.03-1fixed
bookworm/non-free470.103.01-3fixed
sid/non-free470.103.01-4fixed
nvidia-graphics-drivers-legacy-340xx (PTS)stretch/non-free340.108-3~deb9u1vulnerable
buster/non-free340.108-3~deb10u1vulnerable
sid/non-free340.108-14vulnerable
nvidia-graphics-drivers-legacy-390xx (PTS)buster/non-free390.144-1~deb10u1fixed
bullseye/non-free390.144-1fixed
bookworm/non-free390.147-4fixed
sid/non-free390.151-1fixed
nvidia-graphics-drivers-tesla-418 (PTS)bullseye/non-free418.211.00-1fixed
sid/non-free418.226.00-4fixed
nvidia-graphics-drivers-tesla-450 (PTS)bullseye/non-free450.172.01-2~deb11u1fixed
sid/non-free, bookworm/non-free450.172.01-3fixed
nvidia-graphics-drivers-tesla-460 (PTS)bullseye/non-free460.91.03-1fixed
sid/non-free, bookworm/non-free460.106.00-4fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
nvidia-graphics-driverssourcestretch390.144-1~deb9u1DLA-2888-1
nvidia-graphics-driverssourcebuster418.211.00-1
nvidia-graphics-driverssource(unstable)460.91.03-1991351
nvidia-graphics-drivers-legacy-340xxsource(unstable)(unfixed)991352
nvidia-graphics-drivers-legacy-390xxsourcebuster390.144-1~deb10u1
nvidia-graphics-drivers-legacy-390xxsource(unstable)390.144-1991353
nvidia-graphics-drivers-tesla-418source(unstable)418.211.00-1991354
nvidia-graphics-drivers-tesla-440source(unstable)(unfixed)991355
nvidia-graphics-drivers-tesla-450source(unstable)450.142.00-1991356
nvidia-graphics-drivers-tesla-460source(unstable)460.91.03-1991357

Notes

[buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia anymore)
[stretch] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia anymore)
https://nvidia.custhelp.com/app/answers/detail/a_id/5211

Search for package or bug name: Reporting problems