A brand new replace from Nvidia for its GPU Show Driver contains fixes for a full 29 safety vulnerabilities, seven with a base rating of greater than 7.
The corporate’s graphics playing cards are constructed to speed up computing processing to help real-time or data-intensive purposes. As such, they’re identified for his or her use by avid gamers, graphic designers, and different inventive producers, and for synthetic intelligence and machine studying. Impacted software program merchandise for the replace particularly embody GeForce, Studio, Nvidia RTX, Quadro, NVS, and Tesla.
Probably the most severe of the bugs are two flaws that exist within the consumer mode layer for Home windows variations, each of which might permit an unauthorized consumer to execute code, escalate privileges, launch denial-of-service assaults, and obtain information compromise and disclosure, in response to the chipmaker:
- CVE‑2022‑34669 (CVSS rating of 8.8): An unprivileged common consumer can entry or modify system information or different information which are essential to the applying.
- CVE‑2022‑34671 (CVSS rating of 8.7): An unprivileged common consumer could cause an out-of-bounds write.
The show driver for Linux additionally obtained various updates on this newest safety replace.
“Earlier software program department releases that help these merchandise may additionally be affected,” the Nvidia safety replace stated. “If you’re utilizing an earlier department launch for which an replace model isn’t listed above, improve to the newest department launch.”