{"id":"MGASA-2021-0026","summary":"Updated nvidia390 packages fix security vulnerabilities","details":"NVIDIA GPU Display Driver Linux contains a vulnerability in the kernel mode\nlayer (nvidia.ko) IOCTL in which user-mode clients can access legacy\nprivileged APIs, which may lead to denial of service, escalation of privileges,\nand information disclosure (CVE‑2021‑1052).\n\nNVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel\nmode layer (nvidia.ko) IOCTL in which improper validation of a user pointer\nmay lead to denial of service (CVE‑2021‑1053).\n\nNVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel\nmode layer (nvidia.ko) in which it does not completely honor operating system\nfile system permissions to provide GPU device-level isolation, which may\nlead to denial of service or information disclosure (CVE‑2021‑1056).\n","modified":"2026-04-16T00:09:24.748920224Z","published":"2021-01-14T15:13:25Z","upstream":["CVE-2021-1052","CVE-2021-1053","CVE-2021-1056"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0026.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=28050"},{"type":"WEB","url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5142/~/security-bulletin%3A-nvidia-gpu-display-driver---january-2021"}],"affected":[{"package":{"name":"nvidia390","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/nvidia390?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"390.141-1.mga7.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0026.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}