
NVIDIA has released an urgent security update to address critical vulnerabilities in GPU Display Driver and Virtual GPU (vGPU) Software. Among them is CVE-2024-0149, which allows attackers to gain unauthorized access to files on Linux systems.
The vulnerabilities in NVIDIA drivers can lead to information leakage, denial of service (DoS), data corruption, or malicious code execution. The most dangerous of them are:
Driver updates have been released for Windows and Linux users, including for GeForce, NVIDIA RTX, Quadro, NVS, Tesla GPUs.
The threat was discovered by researchers Xiaochen Zou and Wolfgang Frisch, after which NVIDIA confirmed its existence. Analysis showed that the vulnerabilities could be used by hackers to target corporate and private systems. The company urges to update drivers immediately to avoid possible use of these exploits. Updates are available via NVIDIA Driver Downloads or the Licensing Portal for vGPU.
NVIDIA users’ security may be at risk due to a series of serious vulnerabilities in drivers. Updates are already available, and the company recommends that all users immediately install new driver versions to protect themselves from potential attacks.