- Apr 21, 2016
- 4,385
NVIDIA has just shipped updates for Meltdown and Spectre vulnerabilities, emphasizing that while its hardware is not impacted, drivers do require mitigations to block potential exploits.
“We believe our GPU hardware is immune to the reported security issue. As for our driver software, we are providing updates to help mitigate the CPU security issue,” the firm says.
NVIDIA updated GeForce, Quadro, and NVS drivers on Windows, Linux, FreeBSD, and Solaris, Tesla drivers on Windows and Linux, and GRID drivers on Windows, Windows Server with Hyper-V, Linux, Citrix XenServer, VMware vSphere, and Red Hat KVM.
You can refer to the table at the end of the article to check for the versions you should update to in order to be protected from Meltdown and Spectre vulnerabilities, yet it’s worth mentioning that additional patches will be released by the end of the month for drivers not yet patched.
Software patching
NVIDIA says its users should be protected against all three variants of the Meltdown and Spectre vulnerabilities, though the company confirms that in some cases software patching is required.
“Variant 1 (CVE-2017-5753): CPU mitigations are provided with the security update included in this bulletin. NVIDIA expects to work together with its ecosystem partners on future updates to further strengthen mitigations for affected CPUs.
Variant 2 (CVE-2017-5715): NVIDIA’s initial analysis indicates that NVIDIA software running on affected CPUs may require further updates. NVIDIA expects to work together with its ecosystem partners on this variant.
Variant 3 (CVE-2017-5754): At this time, NVIDIA has no reason to believe that NVIDIA software is vulnerable to this variant when running on affected CPUs.”
Read more: NVIDIA Releases Meltdown and Spectre Updates
“We believe our GPU hardware is immune to the reported security issue. As for our driver software, we are providing updates to help mitigate the CPU security issue,” the firm says.
NVIDIA updated GeForce, Quadro, and NVS drivers on Windows, Linux, FreeBSD, and Solaris, Tesla drivers on Windows and Linux, and GRID drivers on Windows, Windows Server with Hyper-V, Linux, Citrix XenServer, VMware vSphere, and Red Hat KVM.
You can refer to the table at the end of the article to check for the versions you should update to in order to be protected from Meltdown and Spectre vulnerabilities, yet it’s worth mentioning that additional patches will be released by the end of the month for drivers not yet patched.
Software patching
NVIDIA says its users should be protected against all three variants of the Meltdown and Spectre vulnerabilities, though the company confirms that in some cases software patching is required.
“Variant 1 (CVE-2017-5753): CPU mitigations are provided with the security update included in this bulletin. NVIDIA expects to work together with its ecosystem partners on future updates to further strengthen mitigations for affected CPUs.
Variant 2 (CVE-2017-5715): NVIDIA’s initial analysis indicates that NVIDIA software running on affected CPUs may require further updates. NVIDIA expects to work together with its ecosystem partners on this variant.
Variant 3 (CVE-2017-5754): At this time, NVIDIA has no reason to believe that NVIDIA software is vulnerable to this variant when running on affected CPUs.”
Read more: NVIDIA Releases Meltdown and Spectre Updates
