skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition
NVIDIA Security Update Addresses Critical GPU Driver Vulnerabilities

NVIDIA Security Update Addresses Critical GPU Driver Vulnerabilities

/ 2 min read

stories , nvidia , software updates , security vulnerabilities , gpu drivers , cve

NVIDIA has released a crucial security update to address several vulnerabilities in its GPU display drivers and vGPU software, which could allow attackers to escalate privileges, execute arbitrary code, and access sensitive information. These vulnerabilities, identified by CVE IDs such as CVE‑2024‑0126 and CVE‑2024‑0117, affect both Windows and Linux systems, with varying degrees of severity. The update is part of NVIDIA’s ongoing efforts to enhance the security of its products and protect users from potential cyber threats.

  • CVE‑2024‑0126: Affects NVIDIA GPU Display Driver for Windows and Linux, allowing privilege escalation and code execution with a base score of 8.2 (High).
  • CVE‑2024‑0117 to CVE‑2024‑0121: Affect NVIDIA GPU Display Driver for Windows, enabling out-of-bounds read leading to code execution and privilege escalation, each with a base score of 7.8 (High).
  • CVE‑2024‑0127 and CVE‑2024‑0128: Impact NVIDIA vGPU software, allowing improper input validation and access to global resources, with base scores of 7.8 and 7.1 respectively (High).

The vulnerabilities primarily stem from issues in the user mode layer of the GPU drivers, where unprivileged users can exploit out-of-bounds reads. This can lead to severe consequences such as denial of service, data tampering, and information disclosure. The vGPU software vulnerabilities involve improper input validation and unauthorized access to global resources, posing similar risks.

Despite the update, challenges remain in ensuring all users apply the necessary patches promptly. The risk assessment provided by NVIDIA is based on an average across diverse systems and may not reflect the specific risk to individual installations. Users are advised to consult IT professionals to evaluate their specific configurations.

Bottom line: NVIDIA’s security update is a critical step in mitigating potential threats posed by these vulnerabilities. However, users must remain vigilant and ensure their systems are updated to the latest driver versions to safeguard against exploitation. For more detailed information, visit the NVIDIA Product Security page.

Check out what's latest

New File Transfer Protocol Developed for Enhanced Security and Performance
New File Transfer Protocol Developed for Enhanced Security and Performance
Study Introduces Benchmark for Evaluating Cryptographic Protocols
Study Introduces Benchmark for Evaluating Cryptographic Protocols
Study Reveals Vulnerabilities of LLMs to Bit-Flip Attacks
Study Reveals Vulnerabilities of LLMs to Bit-Flip Attacks