NVIDIA has newly disclosed three security vulnerabilities in the NVIDIA Shield TV, which could allow denial of service, escalation of privileges and data loss.
The NVIDIA Shield TV is a set-top gadget that acts as a hub for the smart home, streams PC games from a gaming PC to a TV; and allows local and online media playback and streaming. Android games compatible with Android TV are compatible with the Shield TV and controller, as are those from the NVIDIA’s GeoForce market.
Separately, NVIDIA issued an updated security advisory for a cluster of security bugs in NVIDIA’s video-friendly graphics processing unit (GPU) Display Driver. These could plague Linux gamers and others with denial of service, escalation of privileges and information disclosure.
NVIDIA Shield TV Bugs
When it comes to the internet-of-things (IoT) device known as Shield TV, one high-severity bug (CVE‑2021‑1068) exists in the NVDEC component of the gadget, which is a hardware-based decoder. It arises because an attacker can read from or write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or escalation of privileges. It carries a 7.8 CVSS rating.
The other two bugs are medium-severity. The flaw tracked as CVE‑2021‑1069 exists in the NVHost function, and could lead to an abnormal reboot due to a null pointer reference, causing data loss.
Another, CVE‑2021‑1067 exists in the implementation of the RPMB command status, in which an attacker can write to the Write Protect Configuration Block, which may lead to denial of service or escalation of privileges.
To protect a system, users can download and install a software update through the update notification that will appear on the Home Screen, or by going to Settings>About>System update.
NVIDIA GPU Display Driver Kernel Bugs
Earlier in January, Nvidia patched flaws tied to 16 CVEs across its graphics drivers and vGPU software, in its first security update of 2021. An updated security advisory now includes the availability of patched Linux drivers for the Tesla line of GPUs, affecting CVE-2021-1052, CVE-2021-1053 and CVE-2021-1056.
Tesla as a line of GPU accelerator boards optimized for high-performance, general-purpose computing. They are used for parallel scientific, engineering, and technical computing, and they are designed for deployment in supercomputers, clusters and workstations.
The patches address one high-severity issue (CVE‑2021‑1052) in the graphics driver, which is the software component that enables a device’s operating system and programs to use NVIDIA’s high-level, gaming- and science-optimized graphics hardware.
found in the Linux kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL. Here, “user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges and information disclosure,” according to the company.
The other two Linux issues rate medium-severity. The first (CVE‑2021‑1053) also affects the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL, in which improper validation of a user pointer may lead to denial of service.
The second medium bug (CVE‑2021‑1056) is a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.
Full details on all of the GPU vulnerabilities are available in the security bulletin. Patched versions are as follows:
NVIDIA’s Line of Security Bugs
This is not NVIDIA’s first patching rodeo.
Last year, the company issued its fair share of patches; including fixes for two high-severity flaws in the Windows version of its GeForce Experience software, and a patch for a critical bug in its high-performance line of DGX servers, both in October; and a high-severity flaw in its GeForce NOW application software for Windows in November.
Download our exclusive FREE Threatpost Insider eBook Healthcare Security Woes Balloon in a Covid-Era World , sponsored by ZeroNorth, to learn more about what these security risks mean for hospitals at the day-to-day level and how healthcare security teams can implement best practices to protect providers and patients. Get the whole story and DOWNLOAD the eBook now – on us!