"NVIDIA Fixes Ten Vulnerabilities in Windows GPU Display Drivers"

NVIDIA has issued a security update for various graphics card models to fix four high-severity and six medium-severity vulnerabilities in its GPU drivers. The security update addresses flaws that malicious actors can exploit for Denial-of-Service (DoS), information disclosure, privilege escalation, code execution, and more. The updates are available for Tesla, RTX/Quadro, NVS, Studio, and GeForce software products, covering driver branches R450, R470, and R510. Besides the current and recent product lines that are actively supported, NVIDIA's latest release covers GTX 600 and GTX 700 Kepler-series cards, for which support ended in October 2021. The flaws require low privileges and do not need user interaction. Therefore, they could be incorporated into malware, thus allowing attackers to execute commands with higher privileges. The first two vulnerabilities can be exploited over the network, while the other two flaws are exploited with local access, which could still be helpful for malware infecting a system with low privileges. This article continues to discuss the security update NVIDIA released for vulnerabilities in its GPU drivers.

Bleeping Computer reports "NVIDIA Fixes Ten Vulnerabilities in Windows GPU Display Drivers"