Nvidia GPU owners told to update now to patch a range of serious security flaws

3 weeks ago

(Image credit: Jakub Porzycki/NurPhoto via Getty Images)

Nvidia has released a caller spot for its GPU Display Driver for Windows and Linux to hole a fistful of alternatively superior vulnerabilities.

If exploited, nan vulnerabilities mostly lead to codification execution, denial of service, escalation of privileges, accusation disclosure, and information tampering, which intends they are alternatively serious. Among them is CVE‑2024‑0126, which has a severity people of 8.2 (high severity).

Another six vulnerabilities are scored 7.8, while nan last 1 is scored 7.1. Of nan full 8 flaws, 5 impact nan Windows ecosystem. They are each personification mode furniture exploits, successful which threat actors could initiate out-of-bound sounds and frankincense execute codification remotely. One utilization was for some Windows and Linux.

Smash and grab

The specifications astir nan vulnerabilities and really they tin beryllium exploited tin beryllium recovered connected Nvidia’s information bulletin, here. There was nary connection of in-the-wild abuse, truthful we’re guessing crooks haven’t abused these bugs conscionable yet.

However, pinch Nvidia’s fame and prevalence, it is now only a matter of clip earlier miscreants commencement looking for susceptible endpoints to exploit.

GPUs are a celebrated target among cybercriminals, and not conscionable those built by Nvidia. For example, successful September 2023, information researchers warned of a flaw recovered successful GPUs from each awesome manufacturers, which allowed hackers to publication delicate information displayed successful browsers. Furthermore, successful June 2024, ARM said it had recovered vulnerabilities successful Bifrost and Valhall GPU kernel drivers being exploited successful nan wild.

At nan time, nan vulnerability was 2 years old, yet galore users did not spot it connected time.

Sign up to nan TechRadar Pro newsletter to get each nan apical news, opinion, features and guidance your business needs to succeed!

Running regular updates to some package and hardware is 1 of nan champion ways to forestall cyberattacks. Users are advised to download and instal nan package update done nan Driver Downloads page or, for nan vGPU package and Cloud Gaming updates, done nan Licensing Portal.

More from TechRadar Pro

Almost each apical GPUs are astatine consequence of this vulnerable cyberattack - here's what you request to know
Here's a database of nan best firewalls today
These are nan best endpoint protection tools correct now

Sead is simply a seasoned freelance journalist based successful Sarajevo, Bosnia and Herzegovina. He writes astir IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, information breaches, laws and regulations). In his career, spanning much than a decade, he’s written for galore media outlets, including Al Jazeera Balkans. He’s besides held respective modules connected contented penning for Represent Communications.

Source Technology