Skip to main content

Nvidia warns owners of its GPUs about a dangerous security vulnerability

Nvidia is warning GPU owners to update their graphics card drivers after the company discovered several high-level security vulnerabilities. ThreatPost reports that Nvidia found bugs in its virtual GPU software and the display driver that’s required for the graphics card to function.

Nvidia has a table showing the drivers for its different product lines across Windows and Linux, but it doesn’t really matter. It seems GeForce, Quadro, and Tesla drivers are vulnerable across Windows and Linux, so it’s best to update your graphics driver regardless.

Recommended Videos

In total, the company revealed 13 security vulnerabilities, five through the GPU display driver and eight through the vGPU software. Most sit in between 7 and 8 on CVSS 3.1 (Common Vulnerability Scoring System), which is an open standard for rating security vulnerabilities on a scale of 1 to 10.

Get your weekly teardown of the tech behind PC gaming
Check your inbox!

CVE‑2021‑1074 is one of the most pressing issues, with a base CVSS score of 7.5. This vulnerability shows up in the display driver installer, where an attacker with local system access can replace the installation files with malicious ones. On the other end, CVE‑2021‑1078 received a base score of 5.5, which shows a vulnerability in the kernel driver that could lead to a system crash.

Image used with permission by copyright holder

There’s also CVE‑2021‑1085 through the vGPU software (base score of 7.3), which opens the potential to write data to shared memory locations and manipulate it after validation. That could lead to escalation of privileges and denial of service.

If you just have an Nvidia graphics card, you don’t need to worry about the vGPU vulnerabilities. The vGPU software is built for the data center, allowing operators to share graphics card power across several virtual machines. Nvidia recommends updating your graphics card driver through the Nvidia driver download page and the vGPU software through the Nvidia licensing portal (if you have access to it).

geforce rtx 3090
Image used with permission by copyright holder

The vulnerabilities highlight the importance of updating your software and drivers regularly. Earlier this year, Nvidia fixed several vulnerabilities in its display driver, and it continues to push updates whenever vulnerabilities show up. The current batch of problems may lead to malicious code execution (ransomware, etc.), escalation of privileges, data disclosure, data corruption, and/or denial of service, so you should update your GPU driver as soon as possible.

All of the issues come through software, so it doesn’t matter which graphics card you have. Even with a last-gen or older GPU — a likely situation given the ongoing graphics card shortage — you still need to update your driver.

Jacob Roach
Lead Reporter, PC Hardware
Jacob Roach is the lead reporter for PC hardware at Digital Trends. In addition to covering the latest PC components, from…
How to open the Nvidia Control Panel
Nvidia GeForce RTX Gaming Setup with Monitor and PC build.

The Nvidia Control Panel allows you to access all the features of your graphics card, so knowing how to open the Nvidia Control Panel allows you to quickly change your monitor and graphics card settings.

Although the Nvidia Control Panel isn't readily apparent on your desktop, opening it is simple. We have a handful of ways to access it, as well as some tips for how to get the most out of the software.
How to open the Nvidia Control Panel

Read more
GPU prices and availability (Q4 2024): How much are GPUs today?
An AMD Radeon RX 6500XT placed on a motherboard.

The GPU shortage is over, and gamers around the world can breathe a sigh of relief. For those in the market for one of the best graphics cards, we looked closely at graphics card prices and availability to determine where the GPU market is headed and the best time to buy.

If you're looking for a cheap GPU deal, now is the time to buy. Cards from AMD and Nvidia usually hover around the recommended list price, but some models are actually priced well below that, and the same goes for Intel GPUs.

Read more
Nvidia’s most underrated DLSS feature deserves far more attention
Alan Wake 2 running on the Samsung Odyssey OELD G9.

Since the introduction of Nvidia's Deep Learning Super Sampling (DLSS), the company has done an excellent job getting the feature in as many games as possible. As the standout feature of Nvidia's best graphics cards, most major game releases come with the feature at the ready.

That's only become truer with the introduction of DLSS 3 and its Frame Generation feature, showing up in recent releases like Ghost of Tsushima and The First Descendent. But one DLSS feature has seen shockingly low representation.

Read more