NVIDIA has released two security updates that patch multiple issues discovered in its GPU Display Driver and companion app, GeForce Experience. None of these flaws can be exploited remotely, but anyone using GeForce, Quadro, NVS, and/or Tesla products should update straight away. The most severe of these revolve around the display driver’s kernel mode layer and GeForce Experience’s GameStream feature.

The patched vulnerabilities received CVSS V3 base scores ranging from 5.1 to 7.8 from NVIDIA, with four of them having received high severity risk assessments, while eight others were assigned medium risk base scores, all of them impacting Windows systems. By exploiting security issues, attackers can escalate their privileges making it possible to gain permissions above the ones granted by the compromised system initially.

Discussion