NVIDIA has issued patches for 10 vulnerabilities in its vGPU management software and six vulnerabilities in its GPU display drivers for Windows and Linux.
Threats such as denial of service, privileged access, data tampering, and information leakage are possible as a result of these vulnerabilities in Windows and Linux systems.
All of these security flaws necessitate interaction with the device’s local user, which implies that attackers will need to acquire access to the device through another means.
Eleven High Severity Vulnerabilities Patched
If an attacker successfully exploits one of the vulnerabilities patched today, they will be able to obtain access to systems with greater rights than those provided by the OS itself.
They can also be used to gain access to otherwise inaccessible information or to temporarily make machines running vulnerable drivers or software useless.
Security problems identified as CVE-2021-1052, CVE-2021-1053, and CVE-2021-1056 affecting the Linux GPU Display Driver for Tesla GPUs have been fixed and a new driver version will be available beginning on January 18, 2021.
These vulnerabilities have CVSS V3 base ratings between 5.3 and 8.4, with 11 of them rated as “high risk” by NVIDIA.
According to NVIDIA’s security advisory, the “risk assessment is based on an average of risk across a broad set of installed systems and may not represent the true danger of your local installation.”
Additionally, the company suggests seeking the assistance of an IT or security expert to accurately assess the threat posed by these vulnerabilities to your particular system setup.
In the January 2021 Security Bulletin, NVIDIA details all of the vulnerabilities it has patched in the past month.
It is Possible to Find Some Driver Variants at Hardware Distributors.
GeForce, NVIDIA RTX, Quadro, NVS, and Tesla GPU display drivers, as well as Virtual GPU Manager and guest driver software, all have recommended security upgrades available on the NVIDIA Driver Downloads website.
The business adds that some consumers who won’t manually fix the weaknesses may obtain security upgrades bundled with Windows GPU display driver 460.84, 457.49, and 452.66 versions from their computer hardware vendors.
The NVIDIA Licensing Center is where business customers of NVIDIA vGPU software may access the latest upgrades.
Follow the instructions here to determine which version of the NVIDIA drivers is currently loaded on your machine.
