Check out our Monthly Survey Page to see what our users are running.
We do often include affiliate links to earn us some pennies. See more here.

NVIDIA issued a new Security Bulletin, to advise you to update your GPU drivers due to multiple security issues discovered. This bulletin went out today with the email arriving in my inbox moments ago, so here's the details of the issues that affect Linux.

Firstly all driver versions below these are affected: 530.41.03, 525.105.17, 515.105.01 and 470.182.03. So make sure you upgrade if you're on a driver below the version number listed there in each series. The driver actual series doesn't matter, they fixed it it all listed.

Here's what issues affected just Linux or Windows and Linux together:

  • CVE-2023-0189 - NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.;
  • CVE‑2023‑0184 - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, which may lead to denial of service, escalation of privileges, information disclosure, and data tampering.
  • CVE-2023-0181 - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer handler, where memory permissions are not correctly checked, which may lead to denial of service and data tampering.
  • CVE-2023-0191 - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds access may lead to denial of service or data tampering.
  • CVE-2023-0183 - NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer where an out-of-bounds write can lead to denial of service and data tampering.
  • CVE-2023-0180 - NVIDIA GPU Display Driver for Linux contains a vulnerability in a kernel mode layer handler, which may lead to denial of service or information disclosure.
  • CVE-2023-0185 - NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where sign conversion issues may lead to denial of service or information disclosure.
  • CVE-2023-0198 - NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where improper restriction of operations within the bounds of a memory buffer can lead to denial of service, information disclosure, and data tampering.
  • CVE-2023-0187 - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds read can lead to denial of service.
  • CVE-2023-0199 - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds write can lead to denial of service and data tampering.
  • CVE-2023-0190 - NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a NULL pointer dereference may lead to denial of service.
  • CVE-2023-0188 - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged user can cause an out-of-bounds read, which may lead to denial of service.
  • CVE-2023-0194 - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer driver, where an invalid display configuration may lead to denial of service.
  • CVE-2023-0195 - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer driver, where an invalid display configuration may lead to information disclosure.

Driver versions 525.105.17 and 470.182.03 were released today, which along with the security fixes also address other issues (other drivers already out had the fixes). For driver 525.105.17 this is the changelog:

  • Fixed a bug that could cause the nvidia-settings control panel to crash when resetting the display layout.
  • Fixed a bug that could cause excessive GPU power consumption at idle when driving multiple displays with a high refresh rate.
  • Fixed a bug in nvidia-powerd which could cause excessive CPU usage.
  • Fixed an issue which could cause applications to run at 1 FPS when using an NVIDIA PRIME Display Offload sink as the only active display.
  • Added compatibility for Linux kernels with Indirect Branch Tracking (IBT).
  • Fixed a bug that could cause fullscreen PRIME Render Offload applications and/or X to crash when an NVIDIA GPU is driving multiple displays with Reverse PRIME.
  • Added support for console restoration when using simpledrm.
  • Updated nvidia-modprobe to create symbolic links in /dev/char when creating the /dev/nvidia* device nodes. This resolves an issue that prevented the device nodes from working with newer versions of runc:
    https://github.com/opencontainers/runc/issues/

And for 470.182.03:

  • Fixed an issue where HDMI audio output was not working in some cases, especially with high display refresh rates (120Hz, 100Hz, etc.) using Fixed Rate Link (FRL) transmission mode.

See the full details in their new announcement.

Article taken from GamingOnLinux.com.
14 Likes
About the author -
author picture
I am the owner of GamingOnLinux. After discovering Linux back in the days of Mandrake in 2003, I constantly checked on the progress of Linux until Ubuntu appeared on the scene and it helped me to really love it. You can reach me easily by emailing GamingOnLinux directly.
See more from me
The comments on this article are closed.
All posts need to follow our rules. For users logged in: please hit the Report Flag icon on any post that breaks the rules or contains illegal / harmful content. Guest readers can email us for any issues.
No comments yet!

While you're here, please consider supporting GamingOnLinux on:

Reward Tiers: Patreon. Plain Donations: PayPal.

This ensures all of our main content remains totally free for everyone! Patreon supporters can also remove all adverts and sponsors! Supporting us helps bring good, fresh content. Without your continued support, we simply could not continue!

You can find even more ways to support us on this dedicated page any time. If you already are, thank you!
The comments on this article are closed.