silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,048
Nvidia, which makes gaming-friendly graphics processing units (GPUs), on Thursday fixed a slew of high-severity flaws affecting its graphics driver. The vulnerabilities allow bad actors to cripple systems with denial of service attacks, escalate privileges, tamper with data or sniff out sensitive data.
Affected is Nvidia’s graphics driver (formally known as the GPU Display Driver) for Windows. The graphics driver is used in devices targeted to enthusiast gamers; it’s the software component that enables the device’s operating system and programs to use its high-level, gaming-optimized graphics hardware.
Nvidia’s Thursday security update addresses flaws tied to 16 CVEs overall. The most severe of these (CVE‑2021‑1051) is an issue in the graphic drivers’ kernel mode layer. This flaw ranks 8.4 out of 10 on the CVSS scale, making it high severity. [...]
Various Nvidia GeForce Windows and Linux driver branches are affected; Nvidia has released a full list of affected versions and updated driver versions on its security advisory. The graphics chip manufacturer has likewise released fixes for specific versions of the vGPU software affected by these flaws on its website.
Nvidia Warns Windows Gamers of High-Severity Graphics Driver Flaws
In all, Nvidia patched flaws tied to 16 CVEs across its graphics drivers and vGPU software, in its first security update of 2021.
threatpost.com