Nvidia has fixed bugs in its Windows drivers that could allow local code execution, denial of service, or escalation of privileges attacks.
Three of the issues ranked as high-severity flaws, with another two given medium-severity ratings.
All five of the bugs require local access to exploit and attacks cannot be carried out remotely.
Nevertheless, Nvidia urged users to downlaod updated drivers for GeForce, Quadro, NVS, and Tesla display drivers right away from its website or from system makers.
The most severe bug, given a ranking of 8.8 out of 10, could allow an attacker to execute malicious code, temporarily render a system unusable or acquire escalated security privileges. The bug, CVE‑2019‑5683, affects the video driver’s trace logger component.
“When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks,” Nvidia said in an advisory.
The other two high-risk flaws, CVE‑2019‑5684 and CVE‑2019‑5685, affect DirectX drivers and could be exploited by specially crafted shaders to cause an out of bounds access and lead to denial of service or code execution.
Both were discovered by Cisco Talos’ Piotr Bana.
Nvidia also warned of two medium-risk bugs, CVE‑2019‑5686 and CVE‑2019‑5687, both affecting the kernel mode layer. The former could lead to denial of service while the later could shut down a system or leak information.
Nvidia released the fixes as part of its August 2019 security update.
The GPUs manufactured by Nvidia are mainly associated with graphics, but have increasingly become used for tasks associated with artificial intelligence.
Billionaire Jared Isaacman and SpaceX’s Sarah Gillis become first non-professional astronauts to carry out risky…
Data centres in the UK are to designated as Critical National Infrastructure (CNI), alongside energy…
Google's protection of EU users' personal data when training its AI model, is under investigation…
Two week mission for robot to retrieve sample of melted fuel debris from inside one…
More cash required. Latest funding talks with investors reportedly values AI startup OpenAI at $150…
Silicon tours the facilities housing Europe's most powerful supercomputer, and the fifth most powerful supercomputer…