Skip to main content

Nvidia GPU Users Should Update As New Security Patches Released

By July 8, 2020May 5th, 2022Cybersecurity

If you have computers on your corporate network that rely on NVIDIA hardware and software, be advised that the company recently released security updates to address serious security vulnerabilities found in CUDA and GPU Display drivers and Virtual GPU Management software. These are security flaws that could lead to an escalation of privileges, denial of service and arbitrary code execution on both Linux and Windows machines.

All of the flaws are rated as serious or higher, but it should be noted that all of them require local user access. They cannot be exploited remotely. Once hackers have gained a foothold on a target machine, they could launch attacks designed to abuse these bugs. So it pays to treat the issue seriously and apply the patch as soon as possible.

The good news is that when you install the latest security patch, you’ll get fixes for a wide range of issues with severity ratings ranging from 7.8 to 4.4.

Here’s what the latest patch addresses (Listed in order of relative severity):

  • CVE-2020-5962, CVE-2020-5963, CVE-2020-5968, CVE-2020-5969, CVE-2020-5970, and CVE-2020-5971 (All have a severity rating of 7.8)
  • CVE-2020-5964 (Severity rating: 6.5)
  • CVE-2020-5965, CVE-2020-5966, CVE-2020-5967, and CVE-2020-5972 (All have a severity rating of 5.5)
  • CVE-2020-5973 (Severity rating: 4.4)

If any of the machines on your network utilize GeForce, Quadro, NVS, Tesla GPU drivers, or the Virtual GPU Manager, be sure to grab the latest security patch from NVIDIA’s driver download page.

If you’re a Windows user and not in the habit of patching your drivers manually, you may also receive Windows GPU display driver 451.55, 446.06, and 443.18 from your hardware vendor. Enterprise users will need to log into the NVIDIA Enterprise Application hub to get the latest updates. However you get them, the important thing is to install them to patch yourself out of harm’s way.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.