
Nvidia has recently released a critical software security update for its GPU Display Driver, addressing several vulnerabilities that could potentially lead to serious security risks for users. The update is available for various Nvidia products, including GeForce, RTX, Quadro, NVS, and Tesla, across Windows and Linux operating systems.
The security bulletin, released by Nvidia, details the vulnerabilities and their potential impacts. Among the most severe is CVE-2024-0131, a high-severity vulnerability that could allow a potential user-mode attacker to read a buffer with an incorrect length. Successful exploitation of this vulnerability could lead to a denial of service (DoS) condition.
Another significant vulnerability, CVE-2024-0150, exists in the NVIDIA GPU display driver for Windows and Linux. This vulnerability involves a buffer overflow issue, where data is written past the end or before the beginning of a buffer. Exploitation of this flaw could result in information disclosure, denial of service, or data tampering.
For virtualized environments, the NVIDIA vGPU software was also affected. Notably, CVE-2024-0146, a critical vulnerability in the Virtual GPU Manager, could enable malicious guests to cause memory corruption, leading to code execution, denial of service, or data tampering.
The update also addresses several other vulnerabilities with varying severity levels, including information disclosure, denial of service, and potential code execution.
The vulnerabilities impact a wide range of NVIDIA products, including GeForce, Quadro, NVS, Tesla GPUs, and vGPU software in both Windows and Linux environments. NVIDIA strongly advises users to download and install the updated drivers from the NVIDIA Driver Downloads page or, for vGPU software, through the NVIDIA Licensing Portal.
The flaws affect the following driver branches and versions:
- For Windows, driver branches R535, R550, R560, and R565 are affected. Updated versions include R535 (539.19) and R550 (553.62).
- For Linux, driver branches R535 and R550 require updates to versions 535.230.02 and 550.144.03, respectively.
NVIDIA urges users and organizations to prioritize these updates to prevent exploitation of the vulnerabilities, which could lead to severe consequences, including system crashes, unauthorized data access, and code execution.
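As an added example (not from NVIDIA or the original article), the following script compares a Linux host's driver version with the fixed Linux versions listed above. It covers Linux only, assumes the leading version number identifies the branch, and uses constructed sample versions when `nvidia-smi` is not available.

```python
import re
import shutil
import subprocess

# Fixed Linux versions per driver branch, as listed in the article above.
FIXED_LINUX = {535: "535.230.02", 550: "550.144.03"}

def parse_version(text):
    """Turn '535.183.01' into (535, 183, 1); raise ValueError on anything else."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)(?:\.(\d+))?\s*", text)
    if not m:
        raise ValueError(f"unrecognised driver version: {text!r}")
    return tuple(int(p) if p else 0 for p in m.groups())

def assess(version_text):
    """Return (status, detail) for one Linux driver version string."""
    ver = parse_version(version_text)
    fixed_text = FIXED_LINUX.get(ver[0])
    if fixed_text is None:
        return "unlisted", f"branch R{ver[0]} is not in the article's Linux list"
    # Compare as integer tuples: as plain strings, '550.90' would sort
    # after '550.144' and an old driver would look patched.
    if ver < parse_version(fixed_text):
        return "update", f"{version_text} is older than {fixed_text}"
    return "ok", f"{version_text} is at or above {fixed_text}"

def installed_versions():
    """Ask nvidia-smi for the loaded driver version (one line per GPU)."""
    if shutil.which("nvidia-smi") is None:
        return []
    proc = subprocess.run(
        ["nvidia-smi", "--query-gpu=driver_version", "--format=csv,noheader"],
        capture_output=True, text=True, check=False)
    if proc.returncode != 0:
        return []
    return sorted({ln.strip() for ln in proc.stdout.splitlines() if ln.strip()})

if __name__ == "__main__":
    # Constructed sample values, used only when no NVIDIA driver is present.
    samples = installed_versions() or ["535.183.01", "550.144.03", "470.256.02"]
    for v in samples:
        status, detail = assess(v)
        print(f"{status:8} {detail}")
```

An "unlisted" result means only that the article gives no fixed Linux version for that branch; check the NVIDIA security bulletin for it.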