NVIDIA has issued essential security updates for its GPU Display Driver, addressing multiple vulnerabilities affecting Windows and Linux systems.
Users are urged to download and install these updates promptly via the NVIDIA Driver Downloads page or the NVIDIA Licensing Portal for vGPU software and Cloud Gaming updates.
The vulnerabilities identified by their CVE IDs pose significant security risks, including potential code execution, denial of service, privilege escalation, information disclosure, and data tampering.
National Cybersecurity Awareness Month Cyber Challenges – Test your Skills Now
Below is a detailed table of the vulnerabilities addressed:
| CVE ID | Description | Base Score | Severity | Impacts |
| CVE‑2024‑0126 | Another out-of-bounds read vulnerability in the Windows user mode layer. | 8.2 | High | Code execution, denial of service, privilege escalation, info disclosure, data tampering |
| CVE‑2024‑0117 | Out-of-bounds read vulnerability in Windows user mode layer. | 7.8 | High | Code execution, denial of service, privilege escalation, info disclosure, data tampering |
| CVE‑2024‑0118 | Similar out-of-bounds read vulnerability in Windows user mode layer. | 7.8 | High | Code execution, denial of service, privilege escalation, info disclosure, data tampering |
| CVE‑2024‑0119 | Another out-of-bounds read vulnerability in Windows user mode layer. | 7.8 | High | Code execution, denial of service, privilege escalation, info disclosure, data tampering |
| CVE‑2024‑0120 | Out-of-bounds read vulnerability in Windows user mode layer. | 7.8 | High | Code execution, denial of service, privilege escalation, info disclosure, data tampering |
| CVE‑2024‑0121 | Out-of-bounds read vulnerability in Windows user mode layer. | 7.8 | High | Code execution, denial of service, privilege escalation, info disclosure, data tampering |
| CVE ID | Description | Base Score | Severity | Impacts |
| CVE‑2024‑0127 | Improper input validation in vGPU Manager for all hypervisors. | 7.8 | High | Code execution, privilege escalation, data tampering, denial of service, info disclosure |
| CVE‑2024‑0128 | Access to global resources in Virtual GPU Manager by guest OS users. | 7.1 | High | Privilege escalation, information disclosure, and data tampering |
These updates are crucial for maintaining system security and protecting sensitive information from potential threats.
NVIDIA recommends all users apply these patches immediately to mitigate risks associated with these vulnerabilities.
Free Webinar on How to Protect Small Businesses Against Advanced Cyberthreats -> Watch Here
NVIDIA has issued an urgent security advisory addressing three high-severity vulnerabilities in its NeMo Framework,…
Cisco has issued a high-severity advisory (cisco-sa-erlang-otp-ssh-xyZZy) warning of a critical remote code execution (RCE)…
Enterprises and managed service providers globally are now facing urgent security concerns following the disclosure…
Security researcher Alessandro Sgreccia (aka "rainpwn") has revealed a set of critical vulnerabilities in Zyxel’s…
A high-severity denial-of-service (DoS) vulnerability in Redis, tracked as CVE-2025-21605, allows unauthenticated attackers to crash servers…
Google’s Mandiant team has released its M-Trends 2025 report, highlighting the increasing sophistication of threat…
.jpeg?w=1024&resize=1024,682&ssl=1)