With this week’s R460 driver release, a number of security updates also come. Several security issues have been fixed in the NVIDIA graphics driver components for Windows and Linux.
The set of 2021 CVEs “addresses issues that can lead to denial of service, escalation of privileges, data breach, or information disclosure.”
Vulnerabilities include an ioctl kernel through which user-mode clients can access APIs with legacy privileges, the kernel driver not fully honoring file system permissions for GPU device-level isolation, and several other software vulnerabilities vGPU.
The vulnerabilities in the Linux driver were fixed at 460.32.03 / 450.102.04, while a legacy Linux driver update is also expected in about a week to correct the problems.
More details on NVIDIA graphics driver vulnerabilities in the NVIDIA help section.