NVIDIA has issued essential security updates for its GPU Display Driver, addressing multiple vulnerabilities affecting Windows and Linux systems.
Users are urged to download and install these updates promptly via the NVIDIA Driver Downloads page or the NVIDIA Licensing Portal for vGPU software and Cloud Gaming updates.
The vulnerabilities identified by their CVE IDs pose significant security risks, including potential code execution, denial of service, privilege escalation, information disclosure, and data tampering.
National Cybersecurity Awareness Month Cyber Challenges – Test your Skills Now
Below is a detailed table of the vulnerabilities addressed:
| CVE ID | Description | Base Score | Severity | Impacts |
| CVE‑2024‑0126 | Another out-of-bounds read vulnerability in the Windows user mode layer. | 8.2 | High | Code execution, denial of service, privilege escalation, info disclosure, data tampering |
| CVE‑2024‑0117 | Out-of-bounds read vulnerability in Windows user mode layer. | 7.8 | High | Code execution, denial of service, privilege escalation, info disclosure, data tampering |
| CVE‑2024‑0118 | Similar out-of-bounds read vulnerability in Windows user mode layer. | 7.8 | High | Code execution, denial of service, privilege escalation, info disclosure, data tampering |
| CVE‑2024‑0119 | Another out-of-bounds read vulnerability in Windows user mode layer. | 7.8 | High | Code execution, denial of service, privilege escalation, info disclosure, data tampering |
| CVE‑2024‑0120 | Out-of-bounds read vulnerability in Windows user mode layer. | 7.8 | High | Code execution, denial of service, privilege escalation, info disclosure, data tampering |
| CVE‑2024‑0121 | Out-of-bounds read vulnerability in Windows user mode layer. | 7.8 | High | Code execution, denial of service, privilege escalation, info disclosure, data tampering |
| CVE ID | Description | Base Score | Severity | Impacts |
| CVE‑2024‑0127 | Improper input validation in vGPU Manager for all hypervisors. | 7.8 | High | Code execution, privilege escalation, data tampering, denial of service, info disclosure |
| CVE‑2024‑0128 | Access to global resources in Virtual GPU Manager by guest OS users. | 7.1 | High | Privilege escalation, information disclosure, and data tampering |
These updates are crucial for maintaining system security and protecting sensitive information from potential threats.
NVIDIA recommends all users apply these patches immediately to mitigate risks associated with these vulnerabilities.
Free Webinar on How to Protect Small Businesses Against Advanced Cyberthreats -> Watch Here
Google, in collaboration with its Mandiant Threat Intelligence team, has issued a warning about a…
The TgToxic Android malware, initially discovered in July 2022, has undergone significant updates, enhancing its…
A critical remote code execution (RCE) vulnerability, CVE-2023-20118, affecting Cisco Small Business Routers, has become…
The Socket Research Team has uncovered a malicious npm package@ton-wallet/create designed to steal sensitive cryptocurrency…
Researchers at Palo Alto Networks have identified a new Linux malware, dubbed "Auto-Color," that has…
The Lumma Stealer malware, a sophisticated infostealer, is being actively distributed through malicious files disguised…