With more than 200 million gamers using Nvidia graphics to power their gaming experience across Linux and Windows platforms, security advisories need to be taken very seriously. When that advisory concerns no less than eight new high-severity vulnerabilities, only a total lamer gamer would ignore it. Here’s what you need to know about Nvidia security vulnerabilities CVE‑2024‑0117 through CVE‑2024‑0121.
Nvidia has published an advisory bulletin that details a total of eight high-severity common vulnerabilities and exposures, better known as CVE-rated security vulnerabilities. The vulnerabilities, impacting users of Nvidia graphics processing units across both Linux and Windows platforms, sit within the GPU display driver aand the virtual GPU software.
The reason for the urgency of this Nvidia security warning is, the company explained, the possible effect that those vulnerabilities can have on users: code execution, denial of service, privilege escalation, information disclosure, and falsification of knowledge. If that sounds bad, it’s because it is.
Out-of-bounds memory vulnerabilities exist when a program attempts to read data from a memory location other than an allocated buffer. As such, they are among the most common security vulnerabilities, but their popularity has no small consequences. Most of the vulnerabilities described in this new Nvidia security advisory appear to be in the user-layer mode of the GPU demo driver, and a successful exploit would allow an unprivileged attacker to cause what is known as an unauthorized read. . limits, generating impacts. aforementioned.
The two vGPU software vulnerabilities are found in the kernel driver and virtual GPU manager of all supported hypervisors. The vGPU kernel vulnerability is a type of input validation that compromises the guest op kernel. The Virtual GPU Control Software vulnerability, on the other hand, allows a guest operational formula user to access global resources.
“For your system,” Nvidia said, “download and install this software update via the NVIDIA driver download page. ” The update to fix the vGPU vulnerabilities can be downloaded through the Nvidia licensing portal.
Nvidia’s security updates for the GPU show the driving force in the Windows Driving Force branch are shown in the following table: You can click on the symbol to view the full original on the Nvidia Security Announcements site, where the full table of Linux Driving Power branches is also available.
Nvidia Security Advisory Release Chart
As with all incidents where high severity vulnerabilities are revealed, all affected users are asked to follow the orders of the Nvidia security team and update now so that their systems are fully protected.
A community. Many voices. Create a free account to share your thoughts.
Our network aims to connect others through open and thoughtful conversations. We need our readers to share their perspectives and exchange ideas and facts in one space.
To do so, please comply with the posting regulations in our site’s terms of use. Below we summarize some of those key regulations. In short, civilians.
Your message will be rejected if we notice that it appears to contain:
User accounts will be locked if we become aware that users are engaging in:
So, how can you be a power user?
Thanks for reading our community guidelines. Please read the full list of posting rules found in our site’s Terms of Service.