4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
6.2 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
12.6%
Severity: Medium
Date : 2021-07-21
CVE-ID : CVE-2021-1093 CVE-2021-1094 CVE-2021-1095
Package : nvidia-utils
Type : multiple issues
Remote : No
Link : https://security.archlinux.org/AVG-2193
The package nvidia-utils before version 470.57.02-1 is vulnerable to
multiple issues including denial of service and information disclosure.
Upgrade to 470.57.02-1.
The problems have been fixed upstream in version 470.57.02.
None.
The NVIDIA GPU Display Driver for Windows and Linux contains a
vulnerability in firmware where the driver contains an assert() or
similar statement that can be triggered by an attacker, which leads to
an application exit or other behavior that is more severe than
necessary, and may lead to denial of service or system crash.
The NVIDIA GPU Display Driver for Windows and Linux contains a
vulnerability in the kernel mode layer handler for DxgkDdiEscape where
an out of bounds array access may lead to denial of service or
information disclosure.
The NVIDIA GPU Display Driver for Windows and Linux contains a
vulnerability in the kernel mode layer handlers for all control calls
with embedded parameters where dereferencing an untrusted pointer may
lead to denial of service.
A local attacker could disclose sensitive memory contents or crash the
system through crafted system calls to the graphics driver.
https://nvidia.custhelp.com/app/answers/detail/a_id/5211
https://security.archlinux.org/CVE-2021-1093
https://security.archlinux.org/CVE-2021-1094
https://security.archlinux.org/CVE-2021-1095
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ArchLinux | any | any | nvidia-utils | < 470.57.02-1 | UNKNOWN |
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
6.2 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
12.6%