nvidia-graphics-drivers-390, nvidia-graphics-drivers-440 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

* Ubuntu 20.04 LTS
* Ubuntu 19.10
* Ubuntu 18.04 LTS

Summary

Several security issues were fixed in NVIDIA graphics drivers.

Software Description

* nvidia-graphics-drivers-390 - NVIDIA binary X.Org driver
* nvidia-graphics-drivers-440 - NVIDIA binary X.Org driver

Details

Thomas E. Carroll discovered that the NVIDIA Cuda grpahics driver
did not properly perform access control when performing IPC. An
attacker could use this to cause a denial of service or possibly
execute arbitrary code. (CVE-2020-5963)

It was discovered that the UVM driver in the NVIDIA graphics
driver contained a race condition. A local attacker could use this
to cause a denial of service. (CVE-2020-5967)

It was discovered that the NVIDIA virtual GPU guest drivers
contained an unspecified vulnerability that could potentially lead
to privileged operation execution. An attacker could use this to
cause a denial of service. (CVE-2020-5973)

Update instructions

The problem can be corrected by updating your system to the
following package versions:

Ubuntu 20.04 LTS
xserver-xorg-video-nvidia-390 - 390.138-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-440 - 440.100-0ubuntu0.20.04.1

Ubuntu 19.10
xserver-xorg-video-nvidia-390 - 390.138-0ubuntu0.19.10.1
xserver-xorg-video-nvidia-440 - 440.100-0ubuntu0.19.10.1

Ubuntu 18.04 LTS
xserver-xorg-video-nvidia-390 - 390.138-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-440 - 440.100-0ubuntu0.18.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to
make all the necessary changes.

References

* CVE-2020-5963
* CVE-2020-5967
* CVE-2020-5973

--- Mystic BBS v1.12 A45 (Linux/64)
* Origin: BZ&BZ BBS (21:4/110)