ALAS-2019-1182

Amazon Linux 1 (EOL) Security Advisory: ALAS-2019-1182
Advisory Released Date: 2019-03-21
Advisory Updated Date: 2019-03-25

Severity: Low

References: CVE-2018-6260
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

NVIDIA graphics driver contains a vulnerability that may allow access to application data processed on the GPU through a side channel exposed by the GPU performance counters. Local user access is required. This is not a network or remote attack vector. (CVE-2018-6260)

Affected Packages:

nvidia

Issue Correction:
Run yum update nvidia to update your system.

New Packages:

src:
    nvidia-410.104-2018.03.111.amzn1.src

x86_64:
    nvidia-dkms-410.104-2018.03.111.amzn1.x86_64
    nvidia-410.104-2018.03.111.amzn1.x86_64

Additional References

Red Hat: CVE-2018-6260

Mitre: CVE-2018-6260