Nvidia Warns Severe Security Bugs in GPU Driver, vGPU Software
Nvidia has warned consumers of severe security bugs that lie in their graphics processing unit (GPU) display driver and vGPU software offerings. The group of security vulnerabilities could subject gamers and users to arbitrary code execution, denial of service attacks (DoS), information disclosure, and privilege-escalation attacks. The virtual GPU software (vGPU) shares a similar group of bugs that have the same attack risks.
The most severe of the five recently disclosed bugs ranks a 7.5 out of 10 on the CVSS vulnerability scale. It lies in the display driver’s installer and could allow an attacker with local system access to replace an application resource with malicious files, eventually gaining the capability to launch a number of attacks such as code execution. Nvidia has released patches addressing all of the bugs and urges users to implement the patches immediately.