NVIDIA have released a security bulletin to detail new security issues, so it's time to update your GPU driver once again.
There's six vulnerabilities being disclosed today, although the date stated is October 22nd, they only emailed it today. Only one of the issues noted actually affects the Linux display driver (and Windows), the rest are just for Windows. Here's the note on the one for Linux:
CVE‑2024‑0126 - "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability which could allow a privileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."
If you're on driver versions 565.57.01, 550.127.05, 535.216.01 or later you're secure. Otherwise, you should probably go and update. So that explains the tiny one-liner update I covered for the 550.127.05 release yesterday along with the 565.57.01 Beta that was also released at the same time.
See more in their security bulletin.
If you're on driver versions 565.57.01, 550.127.05, 535.216.01 or later you're secure.
*Me running 470.256.02 on one of my daily drivers*
!(chuckles) I'm in Danger Simpson Meme.
Are the latest 560 series drivers safe? I’m currently waiting for Fedora to ship 565 beta on rawhide so I can test it out…The only versions listed as safe by NVIDIA are in the article.
I’m currently waiting for Fedora to ship 565 beta on rawhide so I can test it out…
Strictly speaking, Fedora doesn't ship Nvidia drivers, as far as I am aware? They are available via third-party repos, such as rpmfusion and negativo17. For what it's worth, the negativo17 repo is at least testing it now:
https://github.com/negativo17/nvidia-driver/commit/2e4a03115222302029eb0976265bcfe03f092059
See more from me