NVIDIA GPU Display Driver October 2025 Security Update

NVIDIA has informed HP of potential security vulnerabilities identified in the NVIDIA® GPU Display Driver for Windows, which might allow denial of service, escalation of privileges, data tampering, code execution, or information disclosure. NVIDIA has released updates to mitigate these...

ROS-20251030-02

A vulnerability in the NVIDIA Virtual GPU Manager component of the NVIDIA Virtual GPU driver Virtual GPU is associated with incorrectly assigning permissions to a critical resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the NVIDIA...

ROS-20251030-01

A vulnerability in the NVIDIA Virtual GPU Manager component of the NVIDIA Virtual GPU driver Virtual GPU is associated with incorrectly assigning permissions to a critical resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the NVIDIA...

New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves

A group of academic researchers from Georgia Tech, Purdue University, and Synkhronix have developed a side-channel attack called TEE.Fail that allows for the extraction of secrets from the trusted execution environment TEE in a computer's main processor, including Intel's Software Guard eXtension...

USN-7829-5: Linux kernel (Intel IoTG) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - Netlink; CVE-2024-26700, CVE-2025-38727, CVE-2023-52593, CVE-2024-26896...

Security Vulnerabilities fixed in Firefox 144.0.2 — Mozilla

Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox...

Mozilla Firefox < 144.0.2

The version of Firefox installed on the remote Windows host is prior to 144.0.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2025-86 advisory. - Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser...

ROS-20251028-11

A vulnerability in the NVIDIA Container Toolkit container creation and launch software and the NVIDIA GPU Operator resource management software is associated with synchronization errors. NVIDIA GPU Operator resource management software is associated with synchronization errors when using a shared...

ROS-20251028-10

A vulnerability in the NVIDIA Container Toolkit container creation and launch software and the NVIDIA GPU Operator resource management software is associated with synchronization errors. NVIDIA GPU Operator resource management software is associated with synchronization errors when using a shared...

USN-7829-4: Linux kernel (AWS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - Netlink; CVE-2024-26700, CVE-2025-38727, CVE-2023-52593, CVE-2024-26896...

USN-7829-4 linux-aws-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - Netlink; CVE-2024-26700, CVE-2025-38727, CVE-2023-52593, CVE-2024-26896...

EUVD-2025-35725

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause uninitialized pointer access. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data...

CVE-2025-23352

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause uninitialized pointer access. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data...

CVE-2025-23352

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause uninitialized pointer access. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data...

CVE-2025-23352

CVE-2025-23352 is associated with NVIDIA vGPU software, specifically the Virtual GPU Manager, where a malicious guest could trigger an uninitialized pointer access leading to possible code execution, DoS, privilege escalation, information disclosure, or data tampering. Multiple trusted sources (N...

CVE-2025-23352

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause uninitialized pointer access. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data...

GO-2025-3992 NVIDIA Container Toolkit for all platforms contains an Untrusted Search Path in github.com/NVIDIA/gpu-operator

NVIDIA Container Toolkit for all platforms contains an Untrusted Search Path in github.com/NVIDIA/gpu-operator. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports...

GO-2025-3998 NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook in github.com/NVIDIA/gpu-operator

NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook in github.com/NVIDIA/gpu-operator. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing...

NVIDIA Virtual GPU Manager 缓冲区错误漏洞

NVIDIA Virtual GPU Manager is an NVIDIA virtual GPU management software from NVIDIA Corporation. A buffer error vulnerability exists in NVIDIA Virtual GPU Manager, which stems from the presence of uninitialized pointer access to Virtual GPU Manager, and could lead to code execution, denial of...

NVIDIA GPU Display Driver 代码问题漏洞

NVIDIA GPU Display Driver is a display driver from NVIDIA Corporation. A code issue vulnerability exists in NVIDIA GPU Display Driver, which stems from the possibility of triggering a null pointer dereference that could lead to a denial of service...