Thursday, May 8, 2025
Homecyber securityNVIDIA GPU Display Drivers Vulnerability Lets Attackers Access Files Remotely

NVIDIA GPU Display Drivers Vulnerability Lets Attackers Access Files Remotely

Published on

SIEM as a Service

Follow Us on Google News

NVIDIA has issued a critical security update to address multiple vulnerabilities in its GPU Display Driver and vGPU software, affecting both Windows and Linux systems.

Among these is CVE‑2024‑0149, a vulnerability in the NVIDIA GPU Display Driver for Linux that could allow attackers unauthorized access to files.

These vulnerabilities, disclosed in January 2025, pose risks such as denial of service (DoS), data tampering, information disclosure, and even code execution.

- Advertisement - Google News

Users are strongly advised to update their drivers via the NVIDIA Driver Downloads page or the NVIDIA Licensing Portal for vGPU software.

Details of Vulnerabilities

The security update addresses seven key vulnerabilities, categorized by severity levels:

High-Severity Vulnerabilities:

  • CVE-2024-0150: A buffer overflow vulnerability in the GPU Display Driver for Windows and Linux allows data to be written beyond allocated memory. This can lead to information disclosure, DoS, or data tampering (CVSS score: 7.1).
  • CVE-2024-0146: Found in the Virtual GPU Manager of vGPU software, this flaw allows a malicious guest to cause memory corruption, potentially resulting in code execution, DoS, or data tampering (CVSS score: 7.8).

Medium-Severity Vulnerabilities:

  • CVE-2024-0147: Occurs when referencing freed memory in the GPU Display Driver for Windows and Linux. Exploitation could lead to DoS or data tampering (CVSS score: 5.5).
  • CVE-2024-53869: A vulnerability in the Unified Memory driver for Linux could leak uninitialized memory, leading to information disclosure (CVSS score: 5.5).
  • CVE-2024-53881: Found in the host driver of vGPU software, this flaw enables a guest to create an interrupt storm on the host system, causing DoS (CVSS score: 5.5).
  • CVE-2024-0131: A buffer handling issue in the GPU kernel driver for Windows and Linux allows attackers to read buffers with incorrect lengths, potentially leading to DoS (CVSS score: 4.4).

Low-Severity Vulnerability:

  • CVE-2024-0149: A flaw in the Linux GPU Display Driver permits unauthorized file access, leading to limited information disclosure (CVSS score: 3.3).

The vulnerabilities affect a broad range of NVIDIA products across different driver branches:

Windows Drivers: GeForce, NVIDIA RTX/Quadro/NVS, and Tesla GPUs are impacted across R535, R550, R560, R565, and R570 branches. Updated versions include R535 (539.19), R550 (553.62), and R570 (572.16).

Linux Drivers: Similar issues affect Linux drivers in branches R535, R550, and R570. Updated versions include R535 (535.230.02), R550 (550.144.03), and R570 (570.86.16).

For vGPU software users, affected components include guest drivers and Virtual GPU Manager across platforms like Citrix Hypervisor, VMware vSphere, Red Hat Enterprise Linux KVM, and Azure Local.

Mitigation Measures

NVIDIA recommends immediate installation of updated drivers to mitigate these risks.

Users should consult their IT professionals to evaluate their specific configurations and apply appropriate updates.

Acknowledgments were extended to researchers Xiaochen Zou and Wolfgang Frisch for reporting several vulnerabilities.

This update underscores the importance of proactive security measures in safeguarding systems against potential exploits targeting GPU hardware and virtualization environments.

Are you from SOC/DFIR Teams? – Analyse Malware Files & Links with ANY.RUN Sandox -> Try for Free

Aman Mishra
Aman Mishra
Aman Mishra is a Security and privacy Reporter covering various data breach, cyber crime, malware, & vulnerability.

Latest articles

Top Ransomware Groups Target Financial Sector, 406 Incidents Revealed

Flashpoint analysts have reported that between April 2024 and April 2025, the financial sector...

Agenda Ransomware Group Enhances Tactics with SmokeLoader and NETXLOADER

The Agenda ransomware group, also known as Qilin, has been reported to intensify its...

SpyCloud Analysis Reveals 94% of Fortune 50 Companies Have Employee Data Exposed in Phishing Attacks

SpyCloud, the leading identity threat protection company, today released an analysis of nearly 6...

PoC Tool Released to Detect Servers Affected by Critical Apache Parquet Vulnerability

F5 Labs has released a new proof-of-concept (PoC) tool designed to help organizations detect...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Top Ransomware Groups Target Financial Sector, 406 Incidents Revealed

Flashpoint analysts have reported that between April 2024 and April 2025, the financial sector...

Agenda Ransomware Group Enhances Tactics with SmokeLoader and NETXLOADER

The Agenda ransomware group, also known as Qilin, has been reported to intensify its...

PoC Tool Released to Detect Servers Affected by Critical Apache Parquet Vulnerability

F5 Labs has released a new proof-of-concept (PoC) tool designed to help organizations detect...