Critical Vulnerability Discovered in NVIDIA GPU Drivers – Update Now!

CVECVE-2023-0184
CVSScvssV3_1: 8.8
SourceCVE-2023-0184

NVIDIA has disclosed a serious vulnerability affecting their GPU display drivers for Windows and Linux systems. The vulnerability, tracked as CVE-2023-0184, has been given a CVSS score of 8.8 out of 10 indicating its potential impact.

The vulnerability exists in the kernel mode layer handler of the NVIDIA GPU display driver. This component manages the communication between the GPU driver and the underlying operating system kernel. A remote attacker could potentially exploit this vulnerability to cause a denial of service, escalate privileges on the affected system, disclose sensitive information or tamper with data.

By sending specially crafted requests or packets, an attacker may be able to execute arbitrary code with elevated privileges or crash the entire graphics driver, preventing the system from displaying graphics properly. This could affect the usability and stability of the operating system. Confidential data could also potentially be leaked to the attacker.

NVIDIA has released updates to address this issue. It is highly recommended that all NVIDIA GPU display driver users immediately update to the latest versions available on the NVIDIA website to protect their systems. Keeping systems up to date is one of the best ways to mitigate security risks from known vulnerabilities. Users should also consider other basic security practices like running as non-administrative user accounts.

References