Description:

NVIDIA has released a security updates to address multiple vulnerabilities in the following products:

• GeForce – Windows
  • R460 - All versions prior to 461.09
• NVIDIA RTX/Quadro, NVS – Windows
  • R460 - All versions prior to 461.09
  • R450 - All versions prior to 452.77
  • R390 - All versions prior to 392.63
• Tesla - Windows
  • R460 - All versions prior to 461.09
  • R450 - All versions prior to 452.77
  • R418 - All versions prior to 427.11
• GeForce - Linux
  • R460 - All versions prior to 460.32.03
  • R450 - All versions prior to 450.102.04
• NVIDIA RTX/Quadro, NVS - Linux
  • R460 - All versions prior to 460.32.03
  • R450 - All versions prior to 450.102.04
• Tesla - - Linux
  • R460 - All versions
  • R450 - All versions
  • R418 - All versions
• vGPU software (guest driver) - Windows
  • vGPU Software
    • All versions prior to 11.3
    • All versions prior to 8.6
  • Driver
    • All versions prior to 452.77
    • All versions prior to 427.11
• vGPU software (guest driver) - Linux
  • vGPU Software
    • All versions prior to 11.3
    • All versions prior to 8.6
  • Driver
    • All versions prior to 450.102.04
    • All versions prior to 418.181.07
• vGPU software (Virtual GPU Manager) - Citrix Hypervisor, VMware vSphere, Red Hat Enterprise Linux KVM, Nutanix AHV
  • vGPU Software
    • All versions prior to 11.3
    • All versions prior to 8.6
  • Driver
    • All versions prior to 450.102
    • All versions prior to 418.181

Threats:

An attacker could exploit these vulnerabilities by doing the following:

• Escalation of privilege
• Denial of service (DoS)
• Unexpected consumption of resources
• Disclosure of information
• Execute arbitrary code

Best practice and Recommendations:

The CERT team encourages users to review NVIDIA security advisory and apply the necessary updates:

• https://nvidia.custhelp.com/app/answers/detail/a_id/5142