Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

NVIDIA informs customers of its products affected by Log4j flaws

NVIDIA released a security advisory to inform customers what products are affected by the recently disclosed Log4Shell vulnerability. NVIDIA has assessed its products to determine if they are vulnerable to the Log4shell vulnerability in Log4J library. The company states that the following products are not impacted by the Log4j vulnerabilities: GeForce Experience client software GeForceNOW […]

NVIDIA

NVIDIA released a security advisory to inform customers what products are affected by the recently disclosed Log4Shell vulnerability.

NVIDIA has assessed its products to determine if they are vulnerable to the Log4shell vulnerability in Log4J library.

The company states that the following products are not impacted by the Log4j vulnerabilities:

  • GeForce Experience client software
  • GeForceNOW client software
  • GPU Display Drivers for Windows
  • L4T Jetson Products
  • SHIELD TV

The security advisory published by the company confirms that the following NVIDIA products are affected by Log4J issues:

NVIDIA also informed customers that CUDA Toolkit Visual Profiler includes Log4j files, but the good news is that the application is not using the library.

“Log4j is included in CUDA Toolkit. However it is not being used and there is no risk to users who have the Log4j files. Because they are not being used, an update is being prepared to remove the Log4j files[1] from CUDA Toolkit. If concerned, customers can safely delete the files as a mitigation.” reads the security advisory.

According to the advisory, by default, DGX systems are not impacted by the flaw because DGX OS releases did not include the Log4j. However, users can install the flawed library as additional software.

Users are recommended to update their installs to the latest available version of the library, another option consists in removing it.

NVIDIA is still investigating the impact of the Log4J flaws in its products and services.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, NVIDIA)

[adrotate banner=”5″]

[adrotate banner=”13″]