NVIDIA Windows/Linux Graphics Drivers Hit By A Series Of Security Vulnerabilities

Written by Michael Larabel in NVIDIA on 10 January 2021 at 06:10 AM EST. 21 Comments
NVIDIA
With this week's R460 driver release also comes a number of security updates. Several security issues have been patched in both the NVIDIA Windows and Linux graphics driver components.

The set of 2021 CVEs "addresses issues that may lead to denial of service, escalation of privileges, data tampering, or information disclosure."

Among the vulnerabilities are a kernel ioctl through which user-mode clients can access legacy privileged APIs, the kernel driver not completely honoring file-system permissions for GPU device-level isolation, and several more vGPU software vulnerabilities.

The Linux driver vulnerabilities have been fixed in 460.32.03 / 450.102.04 while a legacy Linux driver update is also expected in about one week to fix the issues there.

More details on these NVIDIA graphics driver vulnerabilities via the NVIDIA help section.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week