- Nvidia has released patches for its GPU drivers for Linux and Windows operating systems to fix the existing vulnerabilities.
- The Windows version of the GPU drivers has vulnerabilities reaching up to a CVSS score of 8.8, while the most dangerous flaw in the Linux version reaches 7.8.
- Nvidia urges users immediately update their drivers, which can easily be done in the GeForce Experience application in Windows.
Nvidia has recently released updates for its Windows and Linux GPU drivers that fix vulnerabilities. Some of those vulnerabilities can go up to 8.8 in the CVSS scoring system, which makes them high-severity vulnerabilities.
Several high-severity vulnerabilities
The most dangerous vulnerability that is fixed through the updates is CVE-2022-34669 with CVSS 8.8, affecting Windows users. It allows unprivileged regular users to access or modify system files, leading to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. Shortly, it is bad.
The other vulnerability that has a base score higher than 8.0 is CVE-2022-34671 with 8.5, which also affects Windows users. It allows unprivileged users to cause an out-of-bounds write, which could lead to similar results with CVE-2022-34664.
Affects Linux drivers as well
The highest severity vulnerability affecting Linux users is CVE-2022-34670 with a CVSS score of 7.8, existing in the kernel mode layer handler. Nvidia summarizes this vulnerability as follows:
« Nvidia GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in the conversion, which may lead to denial of service or information disclosure. »
There are also three more high-severity vulnerabilities in Linux drivers of Nvidia GPUs, which can be tracked as CVE-2022-42263, CVE-2022-34676, and CVE-2022-42264; all of them have CVSS scores of 7.1. You can also check all of the vulnerabilities in Nvidia’s blog post regarding those patches.
Nvidia urges users to update their drivers to the latest versions. Windows users can easily update their Nvidia drivers through GeForce Experience software and by selecting the Drivers tab. You can also use the following link to manually download and install the newest Nvidia drivers on your system:
Click here to download the latest Nvidia drivers for your system