Security Bulletin: NVIDIA GPU contains multiple vulnerabilities in the kernel mode layer handler

September 21, 2017

Updated 09/21/2017 06:01 AM

NVIDIA GPU Display Driver vulnerabilities may lead to denial of service or possible escalation of privilege

Download GPU fixes from the NVIDIA Driver Downloads page.

Product	Product Series	OS	Branch	Fixed Version
GeForce	All	Windows	R384	385.69 includes GFE 3.9.0.61
NVS, Quadro	All	Windows	R384	385.69
Tesla	All	Windows	R384	Available the week of September 25

Product	Product Series	OS	Branch	Fixed Version
GeForce	All	Linux, FreeBSD, Solaris	R384	384.90
Quadro, NVS	All	Linux, FreeBSD, Solaris	R384	384.90
Tesla	All	Linux	R384	Available the week of September 25
Tesla	All	Linux	R375	375.88

If you are using earlier driver branches of the affected products, upgrade to a supported driver branch that contains the fix as listed in tables for Windows and Linux.
If you are using GFE, install the latest drivers. GFE security bulletins are available on the NVIDIA Product Security page.
CVE-2017-6277 and CVE-2017-6272 were addressed in branch R375. However, these CVEs were not disclosed in the previous security bulletin.

September 26, 2017

Updated 09/25/2017 10:30 AM

Revision	Date	Description
2.0	September 25, 2017	Added information about affected NVIDIA GRID products, fixed versions for Tesla products, and fixed version in the R375 driver branch for Quadro and NVS products

Recommended Posts