Residence › Vulnerabilities

Nvidia Patches Many Vulnerabilities in Home windows, Linux Show Drivers

By Ionut Arghire on December 01, 2022

Tweet

Nvidia’s November 2022 show driver updates patch 29 vulnerabilities impacting Home windows and Linux merchandise, together with ten high-severity points.

Probably the most extreme of the safety defects is CVE‑2022‑34669 (CVSS rating of 8.8), a difficulty within the person mode layer of Nvidia’s Home windows driver that could possibly be exploited by an unprivileged attacker to entry or tamper with system information or different information that the motive force makes use of.

Profitable exploitation of the bug, Nvidia says, may enable the attacker to execute arbitrary code, trigger a denial-of-service (DoS) situation, escalate privileges, entry restricted data, or modify information.

One other extreme flaw within the Home windows driver is CVE‑2022‑34671 (CVSS rating of 8.5), an out-of-bounds write that would have comparable results.

A vulnerability in Nvidia Management Panel for Home windows may enable an unauthorized attacker to escalate privileges, leak delicate information, or execute instructions. The bug is tracked as CVE‑2022‑34672 (CVSS rating of seven.8).

The chip maker additionally introduced patches for 4 high-severity vulnerabilities within the kernel mode layer of its show driver for Linux, which may result in DoS circumstances, data disclosure, or information tampering.

Nvidia’s November 2022 driver updates additionally handle three high-severity points within the firm’s digital GPU (vGPU) software program.

Tracked as CVE‑2022‑42260 (CVSS rating of seven.8), essentially the most extreme of those impacts a D-Bus configuration file within the vGPU show driver for Linux and could possibly be exploited with out authorization to execute code, create a DoS situation, escalate privileges, or leak or tamper with information.

Two different points, CVE‑2022‑42261 and CVE‑2022‑42262, impression the Digital GPU Supervisor (vGPU plugin) and will result in information modification, data disclosure, or a DoS situation.

Nvidia additionally resolved 19 medium-severity vulnerabilities that could possibly be exploited to trigger DoS circumstances, leak data, or tamper with information.

Customers are suggested to obtain and set up the accessible patches as quickly as doable. Further particulars on the resolved vulnerabilities will be present in Nvidia’s safety bulletin.

Associated: NVIDIA Patches Code Execution Vulnerabilities in Graphics Driver

Associated: NVIDIA Ships Patches for Excessive-Severity Safety Flaws

Associated: NVIDIA Patches Code Execution Flaws in GeForce Expertise

Get the Day by day Briefing

• Most Current
• Most Learn

• Nvidia Patches Many Vulnerabilities in Home windows, Linux Show Drivers
• Vulnerabilities in Common Keyboard and Mouse Android Apps Expose Person Information
• Hackers Dump Australian Well being Information On-line, Declare ‘Case Closed’
• One Yr Later: Log4Shell Remediation Gradual, Painful Slog
• Do not Let Your Profession Go the Means of Leisure 720
• Buyers Wager $31 Million on Sphere for Identification Hygiene Tech
• Google Hyperlinks Exploitation Frameworks to Spanish Spy ware Vendor Variston
• Chrome 108 Patches Excessive-Severity Reminiscence Security Bugs
• Delta Electronics Patches Critical Flaws in Industrial Networking Units
• Builders Warned of Vital Distant Code Execution Flaw in Quarkus Java Framework

Searching for Malware in All of the Unsuitable Locations?

First Step For The Web’s subsequent 25 years: Including Safety to the DNS

Tattle Story: What Your Laptop Says About You

Be in a Place to Act By way of Cyber Situational Consciousness

Report Reveals Closely Regulated Industries Letting Social Networking Apps Run Rampant

2010, A Nice Yr To Be a Scammer.

Do not Let DNS be Your Single Level of Failure

The right way to Determine Malware in a Blink

Defining and Debating Cyber Warfare

The 5 A’s that Make Cybercrime so Enticing

The right way to Defend In opposition to DDoS Assaults

Safety Budgets Not in Line with Threats

Anycast – Three Causes Why Your DNS Community Ought to Use It

The Evolution of the Prolonged Enterprise: Safety Methods for Ahead Pondering Organizations

Utilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous Enterprise

Orbit Brain

http://orbitbrain.com/

Orbit Brain is the senior science writer and technology expert. Our aim provides the best information about technology and web development designing SEO graphics designing video animation tutorials and how to use software easy ways
and much more. Like Best Service Latest Technology, Information Technology, Personal Tech Blogs, Technology Blog Topics, Technology Blogs For Students, Futurism Blog.