The company put out the appropriate resources to analyse, validate and provide corrective actions to resolve the issue. Nvidia took security concerns seriously and worked on to quickly evaluate and address them. Overall, the disclosure update included five desktop CVE vulnerabilities, with a CVE‑2020‑5957, which has been rated as critical from a cybersecurity standpoint.ĬVE‑2020‑5958: Nvidia Windows GPU Display Driver included a security flaw in the Nvidia Control Panel component in which the hacker with local system access can plant a malicious dynamic link library (DLL) file, which may cause harmful code execution, denial of service, and sensitive data disclosure.ĬVE‑2020‑5959: Nvidia Virtual GPU Manager contained a security flaw in the vGPU plugin, in which an input index value is wrongly validated, which causes a denial of service attack.ĬVE‑2020‑5960: Nvidia Virtual GPU Manager contained a security flaw in the kernel module (Nvidia.ko), wherein a null pointer can occur, which may cause a denial of service by a malicious actor.ĬVE‑2020‑5961: Nvidia vGPU graphics driver for guest OS contains a vulnerability in which an incorrect resource clean up on a failure path can impact the guest VM, leading to a denial of service. Here are the vulnerabilities disclosed by Nvidia related to GPU Display Driver, Virtual GPU Manager, and vGPU graphics driver. Nvidia also found vulnerabilities in vGPU manager - a virtualisation tool that helps multiple virtual machines to have simultaneous and direct access to a one physical GPU, and graphics drivers that are working on non-virtualised operating systems. Nvidia Windows GPU Display Driver included a vulnerability in the Control Panel component in which a malicious actor with local system access can corrupt a system file, which may cause a denial of service attack or escalation of privileges, which may be misused. The most serious flaw was found in the control panel component of the graphics driver, which is a utility software used to monitor and optimise the settings of the graphics adapter by users. Your newsletter subscriptions are subject to AIM Privacy Policy and Terms and Conditions.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |