Description:

NVIDIA has released a security update to address multiple vulnerabilities in the following products:

• GeForce, Studio - Windows
  • R470
    • All versions prior to 471.41
• NVIDIA RTX/Quadro, NVS - Windows
  • R470
    • All versions prior to 471.41
  • R460
    • All versions prior to 462.96
  • R450
    • All versions prior to 453.10
  • R390
    • All versions prior to 392.67
• Tesla - Windows
  • R460
    • All versions prior to 462.96
  • R450
    • All versions prior to 453.10
  • R418
    • All versions prior to 427.48
• GeForce - Linux
  • R470
    • All versions
  • R460
    • All versions prior to 460.91.03
• NVIDIA RTX/Quadro, NVS - Linux
  • R470
    • All versions
  • R460
    • All versions prior to 460.91.03
  • R390
    • All versions prior to 390.144
• Tesla - Linux
  • R470
    • All versions
  • R460
    • All versions prior to 460.91.03
  • R450
    • All versions prior to 450.142.00
  • R418
    • All versions prior to 418.211.00
• vGPU software (guest driver) - Windows
  • 462.31
    • All versions prior to 12.3
  • 452.96
    • All versions prior to 11.5
  • 427.33
    • All versions prior 8.8
• vGPU software (guest driver) - Linux
  • 460.73.01
    • All versions prior to 12.3
  • 450.119.03
    • All versions prior to 11.5
  • 418.197.02
    • All versions prior to 8.8
• vGPU software (Virtual GPU Manager) - Citrix Hypervisor, VMware vSphere, Red Hat Enterprise Linux KVM, Nutanix AHV
  • 460.73.02
    • All versions prior to 12.3
  • 450.124
    • All versions prior to 11.5
  • 418.196
    • All versions prior to 8.8

Threats:

Attacker could exploit these vulnerabilities by doing the following:

• Denial of service (DoS)
• Data loss
• Information disclosure

Best practice and Recommendations:

The CERT team encourages users to review NVIDIA security advisory and apply the necessary updates:

• https://nvidia.custhelp.com/app/answers/detail/a_id/5211