Don't want to see articles from a certain category? When logged in, go to your User Settings and adjust your feed in the Content Preferences section where you can block tags!
We do often include affiliate links to earn us some pennies. See more here.

Here we are again. NVIDIA has today sent out a security bulletin to inform users on Linux and Windows to ensure your GPU drivers are up to date due to freshly revealed security problems.

The issues can result in information disclosure, data tampering, and denial of service. As always, even if you think you're not vulnerable for whatever reason, upgrading is highly recommended now.

Here's those that are specific to Linux:

CVE ID Description Base Score Vector
CVE‑2021‑1090 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for control calls where the software reads or writes to a buffer by using an index or pointer that references a memory location after the end of the buffer, which may lead to data tampering or denial of service. 7.1 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
CVE‑2021‑1093 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash. 6.2 AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE‑2021‑1094 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an out of bounds array access may lead to denial of service or information disclosure.  6.1 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
CVE‑2021‑1095 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handlers for all control calls with embedded parameters where dereferencing an untrusted pointer may lead to denial of service. 5.5 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Those are what's relevent to us normal desktop users. However there's also issues identified in their NVIDIA vGPU Software too.

How to know if you're okay? NVIDIA also detailed what driver versions are good:

Software Product Operating System Driver Branch Affected Driver Versions Updated Driver Version
GeForce Linux R470 All versions 470.57.02
R460 All versions prior to 460.91.03 460.91.03
NVIDIA RTX/Quadro, NVS Linux R470 All versions 470.57.02
R460 All versions prior to 460.91.03 460.91.03
R390 All versions prior to 390.144 390.144

In other words, grabbing the very latest driver (NVIDIA 470.57.02 from July 20) is likely your best choice and with all the new features too, it's a good one to try out regardless.

Article taken from GamingOnLinux.com.
9 Likes
About the author -
author picture
I am the owner of GamingOnLinux. After discovering Linux back in the days of Mandrake in 2003, I constantly came back to check on the progress of Linux until Ubuntu appeared on the scene and it helped me to really love it. You can reach me easily by emailing GamingOnLinux directly.
See more from me
The comments on this article are closed.
14 comments
Page: «2/2
  Go to:

hiryu Jul 25, 2021
Quoting: GuestI really wonder why Linux players keep buying nVIDIA GPUs despite these being the worst option we have on Linux for at least half a dozen years already…

AMD hasn't been a viable gaming option in laptops for years as there hasn't been much available in the way of gaming laptops with AMD dGPU's. Fortunately, it sounds like that might be finally starting to change. Sounds like there will be a version of the Lenovo Legion in the coming months that will have an AMD dGPU.

Also, it wasn't until recently that for the first time in a while that AMD has become competitive with Nvidia in terms of performance, which is great.
morbius Jul 25, 2021
Quoting: morbiusUpdated to 470.57.02, seems to be working. It was a solid excuse for me to migrate on a new stable driver branch.

Spoke too soon. Browsers started doing small freezes while scrolling content and their video playback also has small freezes and stutters. Rolling back the old 460 driver to check if 470 was indeed the cause.
InhaleOblivion Jul 26, 2021
Logged on and my distro auto updated to 470.57.02
Valso Jul 27, 2021
Quoting: scainethat's just a Linux issue

Mmm, yes and no. It's an AMD issue and also a DRIVER issue but NOT a hardware issue. And no, I'm not a "fan" of any of the companies, I just use whatever works best and faster. For over 10 years I used about 12 different AMD cards - back when I was a Windows user. There's a lot I can say about AMD but they all had one thing in common: too hot and too slow, all AMD failed at AA and AF + the R-series had a bad driver, constantly crashing. Since 2015 (when I migrated to linux) I'm with nvidia and all of the problems I ever had with AMD cards disappeared, including the crashing driver. I also don't have to look at games' requirements anymore - I just run and play them. :D The ONLY 2 AMD cards from those times that I ever owned that performed better than any nvidia were Radeon 9550 with a missing fan and later - HD6670.

As for the nvidia security issues, I'm pretty sure that for these issues to work there must be certain conditions met (just like with many of the linux kernel sec. issues), so I for one have nothing to worry about.
While you're here, please consider supporting GamingOnLinux on:

Reward Tiers: Patreon. Plain Donations: PayPal.

This ensures all of our main content remains totally free for everyone! Patreon supporters can also remove all adverts and sponsors! Supporting us helps bring good, fresh content. Without your continued support, we simply could not continue!

You can find even more ways to support us on this dedicated page any time. If you already are, thank you!
The comments on this article are closed.
Buy Games
Buy games with our affiliate / partner links: