Image: NVIDIA

It turns out that NVIDIA’s GeForce Game Ready 461.09 driver, which was released yesterday, includes security fixes addressing various issues that may lead to denial of service, escalation of privileges, data tampering, or information disclosure. GeForce, RTX/Quadro, NVS, and Tesla GPU users will want to install this update right away from the NVIDIA Driver Downloads page. Virtual GPUs have also received a similar security update, which can be downloaded from the NVIDIA Licensing Portal.

NVIDIA GPU Display Driver Vulnerability Details

CVE IDsDescriptionBase ScoreVector
CVE‑2021‑1051NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which an operation is performed which may lead to denial of service or escalation of privileges.8.4AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H
CVE‑2021‑1052NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure.7.8AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE‑2021‑1053NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service.6.6AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
CVE‑2021‑1054NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action, which may lead to denial of service.6.5AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE‑2021‑1055NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which improper access control may lead to denial of service and information disclosure.5.3AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CVE‑2021‑1056NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.5.3AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Don’t Miss Out on More FPS Review Content!

Our weekly newsletter includes a recap of our reviews and a run down of the most popular tech news that we published.

Leave a comment