Ubuntu 6580 Published by

A NVIDIA graphics drivers security update has been released for Ubuntu Linux 18.04 LTS, 20.04 LTS, and 22.04 LTS



USN-5547-1: NVIDIA graphics drivers vulnerabilities


=========================================================================
Ubuntu Security Notice USN-5547-1
August 03, 2022

nvidia-graphics-drivers-390, nvidia-graphics-drivers-450-server,
nvidia-graphics-drivers-470, nvidia-graphics-drivers-470-server,
nvidia-graphics-drivers-510, nvidia-graphics-drivers-510-server,
nvidia-graphics-drivers-515, nvidia-graphics-drivers-515-server
vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in NVIDIA graphics drivers.

Software Description:
- nvidia-graphics-drivers-390: NVIDIA binary X.Org driver
- nvidia-graphics-drivers-450-server: NVIDIA server driver
- nvidia-graphics-drivers-470: NVIDIA binary X.Org driver
- nvidia-graphics-drivers-470-server: NVIDIA server driver
- nvidia-graphics-drivers-510: NVIDIA binary X.Org driver
- nvidia-graphics-drivers-510-server: NVIDIA server driver
- nvidia-graphics-drivers-515: NVIDIA binary X.Org driver
- nvidia-graphics-drivers-515-server: NVIDIA server driver

Details:

Le Wu discovered that the NVIDIA graphics drivers did not properly perform
input validation in some situations. A local user could use this to cause a
denial of service or possibly execute arbitrary code. (CVE-2022-31607)

Tal Lossos discovered that the NVIDIA graphics drivers incorrectly handled
certain memory operations, leading to a null-pointer dereference. A local
attacker could use this to cause a denial of service. (CVE-2022-31615)

Artem S. Tashkinov discovered that the NVIDIA graphics drivers Dynamic
Boost D-Bus component did not properly restrict access to its endpoint.
When enabled in non-default configurations, a local attacker could use this
to cause a denial of service or possibly execute arbitrary code.
(CVE-2022-31608)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
xserver-xorg-video-nvidia-390 390.154-0ubuntu0.22.04.1
xserver-xorg-video-nvidia-440-server 450.203.03-0ubuntu0.22.04.1
xserver-xorg-video-nvidia-450-server 450.203.03-0ubuntu0.22.04.1
xserver-xorg-video-nvidia-460 470.141.03-0ubuntu0.22.04.1
xserver-xorg-video-nvidia-460-server 470.141.03-0ubuntu0.22.04.1
xserver-xorg-video-nvidia-465 470.141.03-0ubuntu0.22.04.1
xserver-xorg-video-nvidia-470 470.141.03-0ubuntu0.22.04.1
xserver-xorg-video-nvidia-470-server 470.141.03-0ubuntu0.22.04.1
xserver-xorg-video-nvidia-495 510.85.02-0ubuntu0.22.04.1
xserver-xorg-video-nvidia-510 510.85.02-0ubuntu0.22.04.1
xserver-xorg-video-nvidia-510-server 510.85.02-0ubuntu0.22.04.1
xserver-xorg-video-nvidia-515 515.65.01-0ubuntu0.22.04.1
xserver-xorg-video-nvidia-515-server 515.65.01-0ubuntu0.22.04.1

Ubuntu 20.04 LTS:
xserver-xorg-video-nvidia-390 390.154-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-440-server 450.203.03-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-450-server 450.203.03-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-460 470.141.03-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-460-server 470.141.03-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-465 470.141.03-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-470 470.141.03-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-470-server 470.141.03-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-495 510.85.02-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-510 510.85.02-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-510-server 510.85.02-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-515 515.65.01-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-515-server 515.65.01-0ubuntu0.20.04.1

Ubuntu 18.04 LTS:
xserver-xorg-video-nvidia-390 390.154-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-440-server 450.203.03-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-450-server 450.203.03-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-460 470.141.03-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-460-server 470.141.03-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-465 470.141.03-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-470 470.141.03-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-470-server 470.141.03-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-495 510.85.02-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-510 510.85.02-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-510-server 510.85.02-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-515 515.65.01-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-515-server 515.65.01-0ubuntu0.18.04.1

After a standard system update you need to reboot your computer to make all
the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5547-1
CVE-2022-31607, CVE-2022-31608, CVE-2022-31615

Package Information:
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.154-0ubuntu0.22.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-450-server/450.203.03-0ubuntu0.22.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-470/470.141.03-0ubuntu0.22.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-470-server/470.141.03-0ubuntu0.22.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-510/510.85.02-0ubuntu0.22.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-510-server/510.85.02-0ubuntu0.22.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-515/515.65.01-0ubuntu0.22.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-515-server/515.65.01-0ubuntu0.22.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.154-0ubuntu0.20.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-450-server/450.203.03-0ubuntu0.20.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-470/470.141.03-0ubuntu0.20.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-470-server/470.141.03-0ubuntu0.20.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-510/510.85.02-0ubuntu0.20.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-510-server/510.85.02-0ubuntu0.20.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-515/515.65.01-0ubuntu0.20.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-515-server/515.65.01-0ubuntu0.20.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.154-0ubuntu0.18.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-450-server/450.203.03-0ubuntu0.18.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-470/470.141.03-0ubuntu0.18.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-470-server/470.141.03-0ubuntu0.18.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-510/510.85.02-0ubuntu0.18.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-510-server/510.85.02-0ubuntu0.18.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-515/515.65.01-0ubuntu0.18.04.1
  https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-515-server/515.65.01-0ubuntu0.18.04.1