Don't want to see articles from a certain category? When logged in, go to your User Settings and adjust your feed in the Content Preferences section where you can block tags!
We do often include affiliate links to earn us some pennies. See more here.

NVIDIA reveal new security issues in their GPU drivers for June 2024

By - | Views: 29,169

Today NVIDIA put out a new security bulletin, to highlight multiple security issues identified in their proprietary graphics driver for Linux and Windows.

All driver versions below 555.52.04, 550.90.07, 535.183.01 and 470.256.02 are affected. So depending on the driver series you go for, make sure you're on at least one of those or above.

From the announcement these are the ones that affect either both Linux and Windows or just Linux:

CVE ID Description Severity CWE Impacts
CVE‑2024‑0090 NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. High CWE‑787 Code execution, denial of service, escalation of privileges, information disclosure, data tampering
CVE‑2024‑0091 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering. High CWE‑822 Denial of service, information disclosure, data tampering
CVE‑2024‑0093 NVIDIA GPU software for Linux contains a vulnerability where it can expose sensitive information to an actor that is not explicitly authorized to have access to that information. A successful exploit of this vulnerability might lead to information disclosure. Medium CWE‑200 Information disclosure
CVE‑2024‑0092 NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service. Medium CWE‑703 Denial of service

There's one other just for Windows, and multiple issues in VGPU Software too.

See their security bulletin dated June 6th for all the info, they only sent out the email announcement today.

Article taken from GamingOnLinux.com.
Tags: Security, Drivers, Misc, NVIDIA
8 Likes
About the author -
author picture
I am the owner of GamingOnLinux. After discovering Linux back in the days of Mandrake in 2003, I constantly came back to check on the progress of Linux until Ubuntu appeared on the scene and it helped me to really love it. You can reach me easily by emailing GamingOnLinux directly.
See more from me
Some you may have missed, popular articles from the last month:
1 comment

pcpete68 Jun 9
View PC info
Thanks for the heads up!
While you're here, please consider supporting GamingOnLinux on:

Reward Tiers: Patreon. Plain Donations: PayPal.

This ensures all of our main content remains totally free for everyone! Patreon supporters can also remove all adverts and sponsors! Supporting us helps bring good, fresh content. Without your continued support, we simply could not continue!

You can find even more ways to support us on this dedicated page any time. If you already are, thank you!
Login / Register

Or login with...
Sign in with Steam Sign in with Google
Social logins require cookies to stay logged in.
Register Forgot Login?
★ Support Us
Popular this week
Search or view by category
Contact
Latest Comments
Latest Forum Posts
Misc