FlagThis

NVIDIA has released a critical security update to address vulnerabilities in its GPU Display Driver and vGPU software, affecting both Windows and Linux systems. The update, issued in January 2025, aims to mitigate risks such as information disclosure, denial of service, data tampering, and potential code execution. Users are strongly advised to install the latest updates via the NVIDIA Driver Downloads page or the NVIDIA Licensing Portal.

Among the key vulnerabilities addressed is CVE-2024-0149, a flaw in the NVIDIA GPU Display Driver for Linux that could allow attackers unauthorized access to files. This low-severity vulnerability could lead to limited information disclosure. The security update also addresses high-severity vulnerabilities like CVE-2024-0150, a buffer overflow in the GPU Display Driver for Windows and Linux which could lead to information disclosure, denial of service, or data tampering.

ImgSrc: blogger.googleu

References :

• cyberpress.org: NVIDIA GPU Driver Flaw Allow Attackers to Access Files Remotely
• gbhackers.com: NVIDIA GPU Display Drivers Vulnerability Lets Attackers Access Files Remotely
• Cyber Security News: NVIDIA GPU Driver Flaw Allow Attackers to Access Files Remotely
• gbhackers.com: NVIDIA GPU Display Drivers Vulnerability Lets Attackers Access Files Remotely
• Cyber Security News: NVIDIA GPU Display Driver Vulnerability Lets Attackers Steal Files Remotely – Update Now
• Pyrzout :vm:: Report on NVIDIA GPU Display Driver Vulnerability

Classification:

• HashTags: #NVIDIASecurity #GPUVulnerability #LinuxSecurity
• Company: NVIDIA
• Target: NVIDIA GPU users
• Product: GPU Display Driver
• Feature: GPU Display Driver
• Type: Vulnerability
• Severity: Medium