NVIDIA Releases Security Update to Address GPU Driver Vulnerabilities

NVIDIA has issued a software security update for its GPU Display Driver to address multiple vulnerabilities. The vulnerabilities affect both the NVIDIA GPU Display Driver and the NVIDIA VGPU Software across various operating systems.

The security bulletin details several Common Vulnerabilities and Exposures (CVEs) that have been identified.

One vulnerability in the NVIDIA GPU Driver for Linux (CVE-2025-23244) could allow an unprivileged attacker to escalate permissions. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
NVIDIA VGPU software for Windows and Linux contains vulnerabilities in the Virtual GPU Manager (VGPU plugin). CVE-2025-23245 allows a guest to access global resources, potentially leading to a denial of service. CVE-2025-23246 also involves a vulnerability in the Virtual GPU Manager, where a guest can consume uncontrolled resources, again leading to a denial-of-service.

The vulnerabilities affect a range of NVIDIA products, including:

GeForce
NVIDIA RTX
Quadro
NVS
Tesla

The affected driver versions vary depending on the specific branch (R535, R550, R570, R575) and operating system (Linux, Windows). Users of NVIDIA VGPU software on Citrix Hypervisor, VMware vSphere, Red Hat Enterprise Linux KVM, Ubuntu, Microsoft Azure Local, and Microsoft Windows Server are also impacted.

NVIDIA advises users to update their GPU Display Drivers and VGPU Software to the latest versions to mitigate these vulnerabilities.

For NVIDIA GPU Display Drivers, users can download the updates from the NVIDIA Driver Downloads page.
For NVIDIA VGPU Software and Cloud Gaming updates, users should use the NVIDIA Licensing Portal.

Rate this post

Related Posts:

Leave a Reply Cancel reply