Skip to main content

Nvidia warns owners of its GPUs about a dangerous security vulnerability

Nvidia is warning GPU owners to update their graphics card drivers after the company discovered several high-level security vulnerabilities. ThreatPost reports that Nvidia found bugs in its virtual GPU software and the display driver that’s required for the graphics card to function.

Nvidia has a table showing the drivers for its different product lines across Windows and Linux, but it doesn’t really matter. It seems GeForce, Quadro, and Tesla drivers are vulnerable across Windows and Linux, so it’s best to update your graphics driver regardless.

Recommended Videos

In total, the company revealed 13 security vulnerabilities, five through the GPU display driver and eight through the vGPU software. Most sit in between 7 and 8 on CVSS 3.1 (Common Vulnerability Scoring System), which is an open standard for rating security vulnerabilities on a scale of 1 to 10.

CVE‑2021‑1074 is one of the most pressing issues, with a base CVSS score of 7.5. This vulnerability shows up in the display driver installer, where an attacker with local system access can replace the installation files with malicious ones. On the other end, CVE‑2021‑1078 received a base score of 5.5, which shows a vulnerability in the kernel driver that could lead to a system crash.

Image used with permission by copyright holder

There’s also CVE‑2021‑1085 through the vGPU software (base score of 7.3), which opens the potential to write data to shared memory locations and manipulate it after validation. That could lead to escalation of privileges and denial of service.

If you just have an Nvidia graphics card, you don’t need to worry about the vGPU vulnerabilities. The vGPU software is built for the data center, allowing operators to share graphics card power across several virtual machines. Nvidia recommends updating your graphics card driver through the Nvidia driver download page and the vGPU software through the Nvidia licensing portal (if you have access to it).

geforce rtx 3090
Image used with permission by copyright holder

The vulnerabilities highlight the importance of updating your software and drivers regularly. Earlier this year, Nvidia fixed several vulnerabilities in its display driver, and it continues to push updates whenever vulnerabilities show up. The current batch of problems may lead to malicious code execution (ransomware, etc.), escalation of privileges, data disclosure, data corruption, and/or denial of service, so you should update your GPU driver as soon as possible.

All of the issues come through software, so it doesn’t matter which graphics card you have. Even with a last-gen or older GPU — a likely situation given the ongoing graphics card shortage — you still need to update your driver.

Jacob Roach
Former Lead Reporter, PC Hardware
Jacob Roach is the lead reporter for PC hardware at Digital Trends. In addition to covering the latest PC components, from…
Even AMD is surprised by how fast it’s gaining on Nvidia
Several AMD RX 9000 series graphics cards.

AMD's RX 9000 series quickly joined the ranks of the best graphics cards, and it appears that its success came as a surprise to everyone -- yes, even AMD itself. At a recent roundtable in Japan, the company revealed that its market share skyrocketed recently, reaching a whopping 45% in Japan. Although this refers to Japan, it's easy to imagine that AMD is gaining on Nvidia globally, too, although there are a few things to consider here.

AMD's Yoshiaki Sato and Saki Suzuki shared a couple of updates during a Team AMD Roundtable held in Japan, which was later shared by ASCII. AMD was joined on stage by representatives of its many board partners, including ASRock, Asus, Gigabyte, MSI, PowerColor, and Sapphire. AMD's add-in board partners (AIBs) reportedly shared that they wanted to make and sell more Radeon graphics cards, but were being held back due to a lack of GPUs. To this, AMD's Sato replied: "AMD isn't used to selling [this many] graphics cards."

Read more
Microsoft patches an ‘extraordinary’ number of zero-day security vulnerabilities
The Surface Pro 11 on a white table in front of a window.

Today is a good day to make sure your Windows 10 and 11 machines are up to date, as Microsoft has released a hefty new security update for a number of zero-day vulnerabilities. The patch, part of Microsoft's Patch Tuesday update, contains fixes for Windows Server as well and include patches for six vulnerabilities which have already been exploited plus six more critical issues.

The new update addresses security issues of a hefty seven zero-days, including flaws which can enable remote code execution, in which an attacker can run code on the victim's system. One of these vulnerabilities requires the attacker to first trick a local user into taking some specific actions like mounting a malicious virtual hard disk image, and has already been taken advantage of my some hackers. This vulnerability, CVE-2025-24993, is marked as a severity 7.8 by Microsoft so it's important to patch to protect against it.

Read more
Nvidia’s upcoming budget GPUs could be underwhelming for gamers
The Zotac Gaming GeForce RTX 4060 8GB Solo mini-ITX GPU

Nvidia has yet to confirm the existence of entry-level GPUs in its latest RTX 50 series. However, recent leaks have revealed the anticipated specifications of the upcoming RTX 5050, 5060, and 5060 Ti. These GPUs are expected to be officially announced soon, as reports from last week indicated that Nvidia plans to unveil additional RTX 50 series models within the next 10 days.

As for the leaked specifications, @kopite7kimi, a fairly accurate leaker, has shared important information about the upcoming GPUs. As per his posts on X, Nvidia's RTX 5060 and RTX 5060 Ti will utilize the GB206-300 GPU die, while the RTX 5050 will be built around the GB207-300 chip. The RTX 5060 Ti, positioned as the more powerful of the two 60-class cards, is expected to feature 4,608 CUDA cores—just a modest 5.7% increase over its predecessor, the RTX 4060 Ti.

Read more