"Nvidia GPU Driver Bugs Threaten Device Takeover & More"

Nvidia's latest GPU Display Driver update fixes 29 security vulnerabilities, seven of which have a base score of more than 7. The company's graphics cards are designed to accelerate computing processing in order to support real-time or data-intensive applications. Therefore, they are well-known for their use in gaming, graphic design, and other creative fields, as well as in Artificial Intelligence (AI) and Machine Learning (ML). GeForce, Studio, Nvidia RTX, Quadro, NVS, and Tesla are among the software products affected by the update. According to the chipmaker, the most serious bugs are two flaws in the user mode layer for Windows versions that could allow an unauthorized user to execute code, escalate privileges, launch Denial-of-Service (DoS) attacks, and achieve data compromise and disclosure. With a CVSS score of 8.8, CVE‑2022‑34669 allows an unprivileged regular user to access or modify system files or other files critical to the application. CVE‑2022‑34671, with a CVSS score of 8.7, allows an unprivileged regular user to cause an out-of-bounds write. The latest security update also included several updates to the Linux display driver. This article continues to discuss the GPU Display Driver flaws that could expose gamers, graphic designers, and others to code execution, DoS attacks, data tampering, and more.

Dark Reading reports "Nvidia GPU Driver Bugs Threaten Device Takeover & More"