Critical vulnerability in NVIDIA drivers allows remote file theft – update your system

3 February 2025 2 minutes Author: Newsman

NVIDIA has released an urgent security update to address critical vulnerabilities in GPU Display Driver and Virtual GPU (vGPU) Software. Among them is CVE-2024-0149, which allows attackers to gain unauthorized access to files on Linux systems.

The vulnerabilities in NVIDIA drivers can lead to information leakage, denial of service (DoS), data corruption, or malicious code execution. The most dangerous of them are:

  • CVE-2024-0150 – a buffer overflow that could lead to data theft or a DoS attack (CVSS: 7.1).
  • CVE-2024-0146 – a memory corruption in Virtual GPU Manager that could allow malicious code execution (CVSS: 7.8).
  • CVE‑2024‑53881 – a vulnerability that allows a guest OS to create an “interrupt storm” on the host system, causing a crash (CVSS: 5.5).

Driver updates have been released for Windows and Linux users, including for GeForce, NVIDIA RTX, Quadro, NVS, Tesla GPUs.

The threat was discovered by researchers Xiaochen Zou and Wolfgang Frisch, after which NVIDIA confirmed its existence. Analysis showed that the vulnerabilities could be used by hackers to target corporate and private systems. The company urges to update drivers immediately to avoid possible use of these exploits. Updates are available via NVIDIA Driver Downloads or the Licensing Portal for vGPU.

NVIDIA users’ security may be at risk due to a series of serious vulnerabilities in drivers. Updates are already available, and the company recommends that all users immediately install new driver versions to protect themselves from potential attacks.

Other related articles
News
Read more
SBU investigates leak of state secrets after Budanov’s words
The SBU opened criminal proceedings for the leak of state secrets after the publication of Budanov's words. The SBU opened criminal proceedings for the leak of state secrets after the publication of Budanov's words. Ukrainska Pravda claims that it acted within the law.
39
Found an error?
If you find an error, take a screenshot and send it to the bot.