Bug #1814548 “CVE-2018-6260” : Bugs : nvidia-graphics-drivers-390 package : Ubuntu

Alberto Milone (albertomilone) on 2019-02-04

Changed in nvidia-graphics-drivers-390 (Ubuntu):
status:	New → Triaged
importance:	Undecided → High
assignee:	nobody → Alberto Milone (albertomilone)

Alberto Milone (albertomilone) on 2019-02-25

Changed in nvidia-graphics-drivers-390 (Ubuntu Bionic):
status:	New → In Progress
Changed in nvidia-graphics-drivers-390 (Ubuntu Cosmic):
status:	New → In Progress
Changed in nvidia-graphics-drivers-390 (Ubuntu Bionic):
importance:	Undecided → High
Changed in nvidia-graphics-drivers-390 (Ubuntu Cosmic):
importance:	Undecided → High
Changed in nvidia-graphics-drivers-390 (Ubuntu Bionic):
assignee:	nobody → Alberto Milone (albertomilone)
Changed in nvidia-graphics-drivers-390 (Ubuntu Cosmic):
assignee:	nobody → Alberto Milone (albertomilone)
Changed in nvidia-graphics-drivers-390 (Ubuntu):
status:	Triaged → Fix Released

Revision history for this message

Alberto Milone (albertomilone) wrote on 2019-02-25:

#1

I have built the packages (for i386, amd64, and armhf) in the following PPA:
https://launchpad.net/~oem-solutions-group/+archive/ubuntu/nvidia-driver-staging

Somebody should copy the following into the (Bionic and Cosmic) security pocket:

nvidia-graphics-drivers-390_390.116-0ubuntu0.18.10.1
nvidia-graphics-drivers-390_390.116-0ubuntu0.18.04.1

Revision history for this message

Alberto Milone (albertomilone) wrote on 2019-02-25:

#2

Note: I am not attaching the debdiffs (which you can find in the PPA), since they are over 200Mb, because of the upstream binaries.

description:

updated

Revision history for this message

Alberto Milone (albertomilone) wrote on 2019-02-25:

#3

Note 2: I have had the drivers for a while now, and I haven't experienced any issues with them on my machines.

Revision history for this message

Alberto Milone (albertomilone) wrote on 2019-02-25:

#4

bionic.diff Edit (18.5 KiB, text/plain)

In order to make the diffs easier to review, I made the actual diffs starting from my commits on github:

https://github.com/tseliot/nvidia-graphics-drivers/tree/390-bionic

https://github.com/tseliot/nvidia-graphics-drivers/tree/390-cosmic

Revision history for this message

Alberto Milone (albertomilone) wrote on 2019-02-25:

#5

cosmic.diff Edit (18.5 KiB, text/plain)

Marc Deslauriers (mdeslaur) on 2019-03-06

information type:

Private Security → Public Security

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-03-07:

#6

This bug was fixed in the package nvidia-graphics-drivers-390 - 390.116-0ubuntu0.18.04.1

---------------
nvidia-graphics-drivers-390 (390.116-0ubuntu0.18.04.1) bionic; urgency=medium

  * SECURITY UPDATE:
    - CVE‑2018‑6260 (LP: #1814548).
  * New upstream release:
    - Fixed build failures which resulted in errors like "implicit
      declaration of function drm_...", when building the NVIDIA
      DRM kernel module for Linux kernel 5.0 release candidates.
    - Fixed a bug which could cause VK_KHR_external_semaphore_fd
      operations to fail.
    - Fixed a build failure, "implicit declaration of function
      'vm_insert_pfn'", when building the NVIDIA DRM kernel module
      for Linux kernel 4.20 release candidates.
    - Fixed a build failure, "unknown type name 'ipmi_user_t'",
      when building the NVIDIA kernel module for Linux kernel 4.20
      release candidates.
    - Fixed a bug that caused mode switches to fail when an SDI
      output board was connected.
    - Fixed a bug that could cause rendering corruption in Vulkan
      programs.
    - Fixed a bug that caused
      vkGetPhysicalDeviceDisplayPropertiesKHR() to occasionally
      return incorrect values for physicalResolution.
    - Added the synchronization state for PRIME Displays to nvidia-
      settings.
    - Fixed a bug that could prevent nvidia-xconfig from disabling
      the X Composite extension on version 1.20 of the X.org X
      server.
    - Fixed a build failure, "too many arguments to function
      'get_user_pages'", when building the NVIDIA kernel module for
      Linux kernel v4.4.168.
    - Fixed a build failure, "implicit declaration of function
      do_gettimeofday", when building the NVIDIA kernel module for
      Linux kernel 5.0 release candidates.
    - Added a new kernel module parameter,
      NVreg_RestrictProfilingToAdminUsers, to allow restricting the
      use of GPU performance counters to system administrators
      only.

-- Alberto Milone <email address hidden> Mon, 25 Feb 2019 12:10:20 +0100

This bug was fixed in the package nvidia-graphics-drivers-390 - 390.116-0ubuntu0.18.04.1

---------------
nvidia-graphics-drivers-390 (390.116-0ubuntu0.18.04.1) bionic; urgency=medium

* SECURITY UPDATE:
    - CVE‑2018‑6260 (LP: #1814548).
  * New upstream release:
    - Fixed build failures which resulted in errors like "implicit
      declaration of function drm_...", when building the NVIDIA
      DRM kernel module for Linux kernel 5.0 release candidates.
    - Fixed a bug which could cause VK_KHR_external_semaphore_fd
      operations to fail.
    - Fixed a build failure, "implicit declaration of function
      'vm_insert_pfn'", when building the NVIDIA DRM kernel module
      for Linux kernel 4.20 release candidates.
    - Fixed a build failure, "unknown type name 'ipmi_user_t'",
      when building the NVIDIA kernel module for Linux kernel 4.20
      release candidates.
    - Fixed a bug that caused mode switches to fail when an SDI
      output board was connected.
    - Fixed a bug that could cause rendering corruption in Vulkan
      programs.
    - Fixed a bug that caused
      vkGetPhysicalDeviceDisplayPropertiesKHR() to occasionally
      return incorrect values for physicalResolution.
    - Added the synchronization state for PRIME Displays to nvidia-
      settings.
    - Fixed a bug that could prevent nvidia-xconfig from disabling
      the X Composite extension on version 1.20 of the X.org X
      server.
    - Fixed a build failure, "too many arguments to function
      'get_user_pages'", when building the NVIDIA kernel module for
      Linux kernel v4.4.168.
    - Fixed a build failure, "implicit declaration of function
      do_gettimeofday", when building the NVIDIA kernel module for
      Linux kernel 5.0 release candidates.
    - Added a new kernel module parameter,
      NVreg_RestrictProfilingToAdminUsers, to allow restricting the
      use of GPU performance counters to system administrators
      only.

-- Alberto Milone <alberto.milone@canonical.com>  Mon, 25 Feb 2019 12:10:20 +0100

Changed in nvidia-graphics-drivers-390 (Ubuntu Bionic):
status:	In Progress → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-03-07:

#7

This bug was fixed in the package nvidia-graphics-drivers-390 - 390.116-0ubuntu0.18.10.1

---------------
nvidia-graphics-drivers-390 (390.116-0ubuntu0.18.10.1) cosmic; urgency=medium

  * SECURITY UPDATE:
    - CVE‑2018‑6260 (LP: #1814548).
  * New upstream release:
    - Fixed build failures which resulted in errors like "implicit
      declaration of function drm_...", when building the NVIDIA
      DRM kernel module for Linux kernel 5.0 release candidates.
    - Fixed a bug which could cause VK_KHR_external_semaphore_fd
      operations to fail.
    - Fixed a build failure, "implicit declaration of function
      'vm_insert_pfn'", when building the NVIDIA DRM kernel module
      for Linux kernel 4.20 release candidates.
    - Fixed a build failure, "unknown type name 'ipmi_user_t'",
      when building the NVIDIA kernel module for Linux kernel 4.20
      release candidates.
    - Fixed a bug that caused mode switches to fail when an SDI
      output board was connected.
    - Fixed a bug that could cause rendering corruption in Vulkan
      programs.
    - Fixed a bug that caused
      vkGetPhysicalDeviceDisplayPropertiesKHR() to occasionally
      return incorrect values for physicalResolution.
    - Added the synchronization state for PRIME Displays to nvidia-
      settings.
    - Fixed a bug that could prevent nvidia-xconfig from disabling
      the X Composite extension on version 1.20 of the X.org X
      server.
    - Fixed a build failure, "too many arguments to function
      'get_user_pages'", when building the NVIDIA kernel module for
      Linux kernel v4.4.168.
    - Fixed a build failure, "implicit declaration of function
      do_gettimeofday", when building the NVIDIA kernel module for
      Linux kernel 5.0 release candidates.
    - Added a new kernel module parameter,
      NVreg_RestrictProfilingToAdminUsers, to allow restricting the
      use of GPU performance counters to system administrators
      only.

-- Alberto Milone <email address hidden> Mon, 25 Feb 2019 12:16:58 +0100

This bug was fixed in the package nvidia-graphics-drivers-390 - 390.116-0ubuntu0.18.10.1

---------------
nvidia-graphics-drivers-390 (390.116-0ubuntu0.18.10.1) cosmic; urgency=medium

* SECURITY UPDATE:
    - CVE‑2018‑6260 (LP: #1814548).
  * New upstream release:
    - Fixed build failures which resulted in errors like "implicit
      declaration of function drm_...", when building the NVIDIA
      DRM kernel module for Linux kernel 5.0 release candidates.
    - Fixed a bug which could cause VK_KHR_external_semaphore_fd
      operations to fail.
    - Fixed a build failure, "implicit declaration of function
      'vm_insert_pfn'", when building the NVIDIA DRM kernel module
      for Linux kernel 4.20 release candidates.
    - Fixed a build failure, "unknown type name 'ipmi_user_t'",
      when building the NVIDIA kernel module for Linux kernel 4.20
      release candidates.
    - Fixed a bug that caused mode switches to fail when an SDI
      output board was connected.
    - Fixed a bug that could cause rendering corruption in Vulkan
      programs.
    - Fixed a bug that caused
      vkGetPhysicalDeviceDisplayPropertiesKHR() to occasionally
      return incorrect values for physicalResolution.
    - Added the synchronization state for PRIME Displays to nvidia-
      settings.
    - Fixed a bug that could prevent nvidia-xconfig from disabling
      the X Composite extension on version 1.20 of the X.org X
      server.
    - Fixed a build failure, "too many arguments to function
      'get_user_pages'", when building the NVIDIA kernel module for
      Linux kernel v4.4.168.
    - Fixed a build failure, "implicit declaration of function
      do_gettimeofday", when building the NVIDIA kernel module for
      Linux kernel 5.0 release candidates.
    - Added a new kernel module parameter,
      NVreg_RestrictProfilingToAdminUsers, to allow restricting the
      use of GPU performance counters to system administrators
      only.

-- Alberto Milone <alberto.milone@canonical.com>  Mon, 25 Feb 2019 12:16:58 +0100

Changed in nvidia-graphics-drivers-390 (Ubuntu Cosmic):
status:	In Progress → Fix Released

Ubuntu
nvidia-graphics-drivers-390 package

CVE-2018-6260

Bug Description

CVE References

Other bug subscribers

Patches

Remote bug watches

	Status	Importance	Assigned to
nvidia-graphics-drivers-390 (Ubuntu)	Fix Released	High	Alberto Milone
Bionic	Fix Released	High	Alberto Milone
Cosmic	Fix Released	High	Alberto Milone

Ubuntunvidia-graphics-drivers-390 package

CVE-2018-6260

Bug Description

CVE References

Other bug subscribers

Patches

Remote bug watches

Ubuntu
nvidia-graphics-drivers-390 package