NVIDIA Windows/Linux Graphics Drivers Hit By A Series Of Security Vulnerabilities
With this week's R460 driver release also comes a number of security updates. Several security issues have been patched in both the NVIDIA Windows and Linux graphics driver components.
The set of 2021 CVEs "addresses issues that may lead to denial of service, escalation of privileges, data tampering, or information disclosure."
Among the vulnerabilities are a kernel ioctl through which user-mode clients can access legacy privileged APIs, the kernel driver not completely honoring file-system permissions for GPU device-level isolation, and several more vGPU software vulnerabilities.
The Linux driver vulnerabilities have been fixed in 460.32.03 / 450.102.04 while a legacy Linux driver update is also expected in about one week to fix the issues there.
More details on these NVIDIA graphics driver vulnerabilities via the NVIDIA help section.
The set of 2021 CVEs "addresses issues that may lead to denial of service, escalation of privileges, data tampering, or information disclosure."
Among the vulnerabilities are a kernel ioctl through which user-mode clients can access legacy privileged APIs, the kernel driver not completely honoring file-system permissions for GPU device-level isolation, and several more vGPU software vulnerabilities.
The Linux driver vulnerabilities have been fixed in 460.32.03 / 450.102.04 while a legacy Linux driver update is also expected in about one week to fix the issues there.
More details on these NVIDIA graphics driver vulnerabilities via the NVIDIA help section.
21 Comments