A brand new replace from Nvidia for its GPU Display Driver consists of fixes for a full 29 safety vulnerabilities, seven with a base rating of greater than 7.
The firm’s graphics playing cards are constructed to speed up computing processing to assist real-time or data-intensive purposes. As such, they’re recognized for his or her use by players, graphic designers, and different inventive producers, and for synthetic intelligence and machine studying. Impacted software program merchandise for the replace particularly embody GeForce, Studio, Nvidia RTX, Quadro, NVS, and Tesla.
The most critical of the bugs are two flaws that exist within the consumer mode layer for Windows variations, each of which might permit an unauthorized consumer to execute code, escalate privileges, launch denial-of-service assaults, and obtain information compromise and disclosure, in keeping with the chipmaker:
- CVE‑2022‑34669 (CVSS rating of 8.8): An unprivileged common consumer can entry or modify system information or different information which can be crucial to the appliance.
- CVE‑2022‑34671 (CVSS rating of 8.7): An unprivileged common consumer could cause an out-of-bounds write.
The show driver for Linux additionally acquired a variety of updates on this newest safety replace.
“Earlier software program department releases that assist these merchandise may additionally be affected,” the Nvidia safety replace stated. “If you might be utilizing an earlier department launch for which an replace model just isn’t listed above, improve to the most recent department launch.”