U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Nvidia releases security updates for GPU display driver and vGPU flaws

Nvidia has released security updates to address high-severity vulnerabilities affecting the Nvidia GPU display driver and vGPU software.  Nvidia has addressed a total of 16 flaws, including high-severity vulnerabilities affecting the Nvidia GPU display driver and vGPU software.   The addressed flaws may lead to denial of service, escalation of privileges, data tampering, or information disclosure. […]

NVIDIA

Nvidia has released security updates to address high-severity vulnerabilities affecting the Nvidia GPU display driver and vGPU software. 

Nvidia has addressed a total of 16 flaws, including high-severity vulnerabilities affecting the Nvidia GPU display driver and vGPU software.  

The addressed flaws may lead to denial of service, escalation of privileges, data tampering, or information disclosure.

The most severe vulnerability tracked as CVE‑2021‑1051 received a CVSS score of 8.4, it could lead to denial of service or escalation of privileges.

“NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which an operation is performed which may lead to denial of service or escalation of privileges.” reads the security advisory.

The company also addressed the CVE‑2021‑1052 flaw that could lead to denial of service, escalation of privileges, and information disclosure. The vulnerability received a CVSS score of 7.8.

“NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure.” continues the advisory.

The technology company resolved CVE‑2021‑1053 and CVE‑2021‑1054 flaws that received a CVSS score of 6.6 and 6.5 respectively. Both vulnerabilities may lead to denial of service.

The unique flaw that affects GPU Display Driver for Linux, tracked as CVE‑2021‑1056, may lead to denial of service or information disclosure. The flaw has received a CVSS score of 5.3.

The company addressed 10 vulnerabilities affecting the NVIDIA VGPU SOFTWARE, eight of which relate to the vGPU manager. 9 out of 10 vulnerabilities (CVE‑2021‑1057 through CVE‑2021‑1065) received a CVSS score of 7.8

The CVE‑2021‑1066 received a severity score of 7.8. 

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Nvidia)

[adrotate banner=”5″]

[adrotate banner=”13″]