Description:

NVIDIA has released security update to address multiple vulnerabilities in the following products:

• GeForce - Windows
  • All R440 versions prior to 442.50
• Quadro, NVS - Windows
  • All R440 versions prior to 442.50
  • All R430 versions prior to 432.28
  • All R418 versions prior to 426.50
  • All R390 versions prior 392.59
• Tesla – Windows
  • All R440 versions
  • All R418 versions prior to 426.50
• vGPU graphics driver for guest OS – Windows
  • vGPU Software 10.1 - Driver 442.06
  • vGPU Software 10.0 - Driver 441.66
  • vGPU Software 9.2 - Driver 432.08
  • vGPU Software- 9.1 Driver 431.79
  • vGPU Software 8.2 - Driver 426.26
  • vGPU Software 8.1 - Driver 426.04
  • vGPU Software 8.0 - Driver 425.26
• vGPU graphics driver for guest OS – Linux
  • vGPU Software 10.1 - Driver 440.56
  • vGPU Software 10.0 - Driver 440.43
  • vGPU Software 9.2 - Driver 430.63
  • vGPU Software 9.1 - Driver 430.46
  • vGPU Software 9.0 - Driver 430.30
  • vGPU Software- 8.2 Driver 418.43
  • vGPU Software- 8.1 Driver 418.92
  • vGPU Software 8.0 - Driver 418.70
• Virtual GPU Manager - Citrix Hypervisor, VMware vSphere, Red Hat Enterprise Linux KVM, Nutanix AHV
  • vGPU Software10.1 - Driver 440.53
  • vGPU Software10.0 - Driver 440.43
  • vGPU Software 9.2 - Driver 430.67
  • vGPU Software 9.1 - Driver 430.46
  • vGPU Software9.0 - Driver 430.27
  • vGPU Software8.2 - Driver 418.109
  • vGPU Software8.1 - Driver 418.92
  • vGPU Software8.0 - Driver 418.66

Threats:

Attacker could exploit these vulnerabilities by doing the following:

• Denial of service attack (DoS).
• Escalation of privilege.
• Execute arbitrary code.
• Disclosure of information.

Best practice and Recommendations:

The CERT team encourages users to review NVIDIA security advisory and apply the necessary updates:

• https://nvidia.custhelp.com/app/answers/detail/a_id/4996