November 2022 Nvidia updates for GPU drivers available
The updates fix malicious code vulnerabilities.
If you use an Nvidia graphics card, you should install the newly updates for drivers made available that are protected against possible attacks.
In addition to graphics card drivers for Linux and Windows, the developers at Nvidia have also fixed security vulnerabilities in various software from the GPU manufacturer. If attackers successfully target the vulnerabilities, they could smuggle malicious code onto devices and execute it. This usually leads to the complete compromise of systems.
Malicious code attacks
A listing of all closed vulnerabilities can be found in a Security Bulletin warning from Nvidia. Most of the vulnerabilities are classified as medium threat level.
The vulnerability CVE-2022-34669 with a high rating just barely missed a critical rating. Due to errors in the user mode layer, where an unprivileged regular user can access or modify system files or other files that are critical to the application, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.
Beyond Linux and Windows drivers (GPU and display), Nvidia Cloud Gaming and vGPU software are also vulnerable. Nvidia lists the drivers repaired for the respective graphics cards here.
To update your NVIDIA drivers, download and install the new updated software through the NVIDIA Driver Downloads page or, for the vGPU software and NVIDIA Cloud Gaming updates, through the NVIDIA Licensing Portal.