CVE-2021-34401 – This vulnerability in NVIDIA's Linux kernel dri... (How to Fix)

Q: What is the severity of CVE-2021-34401?

CVE-2021-34401 has a CVSS score of 7.8 (HIGH). This vulnerability in NVIDIA's Linux kernel driver allows improper access control in the nvmap NVGPU_IOCTL_CHANNEL_SET_ERROR_NOTIFIER interface. Attackers could potentially execute arbitrary code, compromise system integrity, or cause denial of service. It affects systems running NVIDIA GPU drivers on Linux distributions.

📋 TL;DR

This vulnerability in NVIDIA's Linux kernel driver allows improper access control in the nvmap NVGPU_IOCTL_CHANNEL_SET_ERROR_NOTIFIER interface. Attackers could potentially execute arbitrary code, compromise system integrity, or cause denial of service. It affects systems running NVIDIA GPU drivers on Linux distributions.

💻 Affected Systems

Products:

NVIDIA GPU Display Driver for Linux

Versions: Versions prior to 470.42.01

Operating Systems: Linux distributions

Default Config Vulnerable: ⚠️ Yes

Notes: Affects systems with NVIDIA GPUs using the vulnerable driver versions

📦 What is this software?

Shield Experience by Nvidia

View all CVEs affecting Shield Experience →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise through kernel-level code execution leading to complete control of affected systems

🟠

Likely Case

Local privilege escalation allowing attackers to gain root access on vulnerable systems

🟢

If Mitigated

Limited impact with proper access controls and isolation preventing unauthorized users from accessing GPU interfaces

🌐 Internet-Facing: LOW - Requires local access to the system

🏢 Internal Only: HIGH - Local attackers or malicious users can exploit this vulnerability

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access to the system and knowledge of the vulnerable interface

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 470.42.01 and later

Vendor Advisory: https://nvidia.custhelp.com/app/answers/detail/a_id/5259

Restart Required: Yes

Instructions:

1. Download NVIDIA driver version 470.42.01 or later from NVIDIA's website. 2. Stop all graphical sessions. 3. Run the installer with appropriate permissions. 4. Reboot the system.

🔧 Temporary Workarounds

Restrict GPU device access

linux

Limit access to GPU device files to prevent unauthorized users from exploiting the vulnerability

chmod 600 /dev/nvidia*
chown root:root /dev/nvidia*

🧯 If You Can't Patch

Implement strict access controls to limit which users can access GPU interfaces
Isolate systems with vulnerable drivers from untrusted users and networks

🔍 How to Verify

Check if Vulnerable:

Check NVIDIA driver version with 'nvidia-smi' or 'cat /proc/driver/nvidia/version'

Check Version:

nvidia-smi --query-gpu=driver_version --format=csv,noheader

Verify Fix Applied:

Verify driver version is 470.42.01 or later using 'nvidia-smi' command

📡 Detection & Monitoring

Log Indicators:

Unusual access patterns to /dev/nvidia* device files
Failed privilege escalation attempts

Network Indicators:

Not applicable - local vulnerability

SIEM Query:

source="kernel" AND (device="nvidia" OR process="nvidia") AND action="access_denied"

📊 Metadata

CVE ID: CVE-2021-34401

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-284

Published: January 18, 2022

Last Updated: November 21, 2024

🔗 References

https://nvidia.custhelp.com/app/answers/detail/a_id/5259 Vendor Advisory
https://nvidia.custhelp.com/app/answers/detail/a_id/5259 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-34401, you might also want to check these: