PT-2019-10737 · Nvidia+2 · Nouveau Display Driver+2
Published
2019-04-01
·
Updated
2023-02-09
·
CVE-2018-3979
CVSS v3.1
7.4
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Ubuntu versions 18.04 LTS
Nouveau Display Driver NV117 version
Description
A remote denial-of-service issue exists in the Nouveau Display Driver due to its handling of GPU shader execution. This can be triggered by a specially crafted pixel shader, potentially provided through a malicious website. Once a user visits such a website, no further interaction is required for the issue to occur.
Recommendations
For Ubuntu 18.04 LTS, update the Nouveau Display Driver to a version that is not vulnerable to this issue.
For Nouveau Display Driver NV117, consider disabling GPU shader execution until a patch is available.
Exploit
Fix
DoS
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Debian
Nouveau Display Driver
Ubuntu