NVIDIA sent out a security bulletin today to reveal a fresh security flaw found in their Linux GPU drivers. So it’s time to get updating again to be safe.
Noted down as CVE‑2025‑23244 here’s their explanation:
NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
There’s a number of different driver series, so you’ll need to check what you’re currently on to see the best version upgrade. If you’re on any of these you’ll be fine: 535.247.01, 550.163.01, 570.133.07 and 575.51.02.
See more on the NVIDIA website.
Article taken from GamingOnLinux.com.
Some you may have missed, popular articles from the last month:
You can also find comments for this article on social media: Mastodon
All posts need to follow our rules. For users logged in: please hit the Report Flag icon on any post that breaks the rules or contains illegal / harmful content. Guest readers can email us for any issues.
Bogomips 23 hours ago
For once I was lucky I updated my drivers this morning ^^
0 Likes
redneckdrow 19 hours ago
Not to mention Bruce Schneier's blog about a new rootkit "discovered" (read: written) by ARMO:
https://www.schneier.com/blog/archives/2025/04/new-linux-rootkit.html
ARMO claim that they have a product to stop this type of attack.
Or one can simply disable io_uring by running
and reboot to disable it altogether.
Edit: forgot kernel
Last edited by redneckdrow on 24 Apr 2025 at 11:06 pm UTC
https://www.schneier.com/blog/archives/2025/04/new-linux-rootkit.html
ARMO claim that they have a product to stop this type of attack.
Or one can simply disable io_uring by running
sysctl kernel.io_uring_disabled = 1 as root to disable it temporarily, or adding the following line in /etc/sysctl.d/99-sysctl.conf:kernel.io_uring_disabled = 1and reboot to disable it altogether.
Edit: forgot kernel
Last edited by redneckdrow on 24 Apr 2025 at 11:06 pm UTC
0 Likes
Marlock 17 hours ago
the link above says the attackers use io.uring to bypass detection by monitoring tools, so it seems io.uring isn't an exploitable vulnerability per se, only a way already invaded systems will keep invaded in heavily monitored environments
0 Likes
Xpander 12 hours ago
Wonder why they disclosed this a bit late?
Already on the 575.51.02 drivers since their release, but only just now they disclosed the security problems.
But anyway, great to see they update their drivers to fix security issues and sharing the info.
Already on the 575.51.02 drivers since their release, but only just now they disclosed the security problems.
But anyway, great to see they update their drivers to fix security issues and sharing the info.
0 Likes
Now imagine how many flaws their Windows drivers have, unbelievable clown company.
0 Likes
Ehvis 4 hours ago
Now imagine how many flaws their Windows drivers have, unbelievable clown company.
Windows doesn't need security vulnerabilities. Microsoft built them into the OS.
1 Likes
Patreon
PayPal
How to set, change and reset your SteamOS / Steam Deck desktop sudo password
How to set up Decky Loader on Steam Deck / SteamOS for easy plugins
See more from me