1 min read

NVIDIA Fixes High-Severity Vulnerability in Drivers

Silviu STAHIE

March 03, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
NVIDIA Fixes High-Severity Vulnerability in Drivers

NVIDIA released a security update for its drivers, fixing several issues that could lead to denial of service, escalation of privileges, or information disclosure. The update covers multiple vulnerabilities affecting both the display driver and the Virtual GPU Manager (VGPU).

All software and hardware have the potential to host vulnerabilities. NVIDIA”s GPUs are no exception, although they do not have to fix all that often. Issues with GPUs are not easy to exploit, but when vulnerabilities do present themselves, they need to be patched because they can open the way for attackers.

The biggest issue underlined by NVIDIA has a base severity score of 8.4 (CVE‑2020‑5957), which is considered high. While details about the security issue were not provided, the company did explain, briefly, the potential effects.

“NVIDIA Windows GPU Display Driver contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges,” says the advisory.

The other high-severity vulnerability, CVE‑2020‑5959, is just as cryptic: “NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input index value is incorrectly validated, which may lead to denial of service.”

The security vulnerabilities affect all GeForce R440 versions prior to 442.50, a selection of Quadro and NVS versions as well, and all Tesla versions, including R418 and R440.

Depending on the affected version, some fixes are set to arrive as soon as March 9th, 2020, with others landing a month later, in April. As usual, users are advised to upgrade their drivers as soon the security patches arrive with the latest NVIDIA drivers.

tags


Author



Right now

Top posts

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read
John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

April 15, 2022

3 min read
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

April 14, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Israeli Authorities Seized Severs of Breached Company for Not Cooperating Israeli Authorities Seized Severs of Breached Company for Not Cooperating
Silviu STAHIE

July 04, 2022

1 min read
FTC warns LGBTQ+ community of extortion scams targeting them on dating apps FTC warns LGBTQ+ community of extortion scams targeting them on dating apps
Graham CLULEY

July 01, 2022

2 min read
OpenSea Breach Exposes 1.8 Million Email Addresses. How does it affect you? OpenSea Breach Exposes 1.8 Million Email Addresses. How does it affect you?
Radu CRAHMALIUC

June 30, 2022

3 min read