General Discussions

black_zion · ‎05-12-2019

That's scary. No real way to use older drivers sets yet again for team green.

https://www.tomshardware.com/news/nvidia-driver-update-severe-security-vulnerability,39323.html

elstaci · ‎05-12-2019

Thanks for the heads up on this issue. Will go to Nvidia and download the patch or driver with the patch.

Thanks again.

black_zion · ‎05-12-2019

Not something you see in the graphics card comparison articles, choose AMD and perhaps see your expensive high end video card stop receiving updates after a year thereby causing its performance to be exceeded by physically slower cards, or choose nVidia and perhaps experience security vulnerabilities.

elstaci · ‎05-13-2019

LoL, sound like a lose-lose situation.

black_zion · ‎05-13-2019

Hopefully Intel will solve those problems by forcing both companies to up their game.

pokester · ‎05-13-2019

NVIDIA's response to speculative side channels CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754

This notice is in response to Google Project Zero's publication of novel information disclosure attacks that combine CPU speculative execution with known side channels. The issue was disclosed January 3, 2018.

NVIDIA’s core business is GPU computing. We believe our GPU hardware is immune to the reported security issue. As for our driver software, we are providing updates to help mitigate the CPU security issue.

Please actively monitor NVIDIA Product Security for available mitigations, updates, and additional information.

To subscribe to security notifications or learn more about NVIDIA's product security management process, go to NVIDIA Product Security.

pokester · ‎05-13-2019

So I guess they are saying it is a software bug that leads to a vulnerability on the CPU not GPU?

black_zion · ‎05-13-2019

The drivers have kernel level access, which is CPU Ring 0. A much bigger security risk than attacking a program that runs in Ring 3.

General Discussions

nVidia patches yet another critical security vulnerability in its drivers