NVIDIA has issued essential security updates for its GPU Display Driver, addressing multiple vulnerabilities affecting Windows and Linux systems.
Users are urged to download and install these updates promptly via the NVIDIA Driver Downloads page or the NVIDIA Licensing Portal for vGPU software and Cloud Gaming updates.Â
The vulnerabilities identified by their CVE IDs pose significant security risks, including potential code execution, denial of service, privilege escalation, information disclosure, and data tampering.
National Cybersecurity Awareness Month Cyber Challenges – Test your Skills Now
NVIDIA GPU Display Driver Vulnerabilities:
Below is a detailed table of the vulnerabilities addressed:
| CVE ID | Description | Base Score | Severity | Impacts |
| CVE‑2024‑0126 | Another out-of-bounds read vulnerability in the Windows user mode layer. | 8.2 | High | Code execution, denial of service, privilege escalation, info disclosure, data tampering |
| CVE‑2024‑0117 | Out-of-bounds read vulnerability in Windows user mode layer. | 7.8 | High | Code execution, denial of service, privilege escalation, info disclosure, data tampering |
| CVE‑2024‑0118 | Similar out-of-bounds read vulnerability in Windows user mode layer. | 7.8 | High | Code execution, denial of service, privilege escalation, info disclosure, data tampering |
| CVE‑2024‑0119 | Another out-of-bounds read vulnerability in Windows user mode layer. | 7.8 | High | Code execution, denial of service, privilege escalation, info disclosure, data tampering |
| CVE‑2024‑0120 | Out-of-bounds read vulnerability in Windows user mode layer. | 7.8 | High | Code execution, denial of service, privilege escalation, info disclosure, data tampering |
| CVE‑2024‑0121 | Out-of-bounds read vulnerability in Windows user mode layer. | 7.8 | High | Code execution, denial of service, privilege escalation, info disclosure, data tampering |
NVIDIA vGPU Software Vulnerabilities:
| CVE ID | Description | Base Score | Severity | Impacts |
| CVE‑2024‑0127 | Improper input validation in vGPU Manager for all hypervisors. | 7.8 | High | Code execution, privilege escalation, data tampering, denial of service, info disclosure |
| CVE‑2024‑0128 | Access to global resources in Virtual GPU Manager by guest OS users. | 7.1 | High | Privilege escalation, information disclosure, and data tampering |
These updates are crucial for maintaining system security and protecting sensitive information from potential threats.
NVIDIA recommends all users apply these patches immediately to mitigate risks associated with these vulnerabilities.
Free Webinar on How to Protect Small Businesses Against Advanced Cyberthreats -> Watch Here
