NVIDIA GPU Display Driver Kernel Mode Layer Privilege Escalation Vulnerability
Overview
A high-severity vulnerability was discovered in the kernel mode layer of the NVIDIA GPU Display Driver for Windows. The flaw resides in the driver's handling of specific input passed from user-mode applications. A successful exploit allows a local attacker with basic user privileges to cause a denial of service (DoS) or, more critically, execute arbitrary code with kernel-level (SYSTEM) privileges.
In an AI/ML context, this is particularly dangerous. Many multi-tenant GPU clusters, cloud-based GPU instances, and developer workstations rely on the driver for CUDA operations. An attacker who gains initial low-privilege access to such a machine, perhaps through another vulnerability or as a legitimate low-privilege user, could exploit this flaw to gain full control over the system. This would allow them to access or corrupt sensitive AI models and data, interfere with other users' training jobs, or use the compromised machine as a pivot point to attack the wider network.
The vulnerability was caused by a failure to properly validate a user-provided pointer, leading to an out-of-bounds write condition in a privileged context. The discovery underscores the criticality of keeping low-level hardware drivers patched, as they represent a significant attack surface directly accessible from user space.
Affected Systems
Testing Guide
1. Check your current NVIDIA driver version using the `nvidia-smi` command-line tool or the NVIDIA Control Panel.
2. Compare the installed version against the patched versions listed in the NVIDIA Security Bulletin for CVE-2024-0073.
3. If the installed version is older than the patched version, the system is vulnerable.
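
The check in steps 1 to 3, as an added example (not NVIDIA tooling and not code from this page): it parses the output of `nvidia-smi --query-gpu=driver_version --format=csv,noheader` and compares each reported version numerically against a baseline you supply from the bulletin. The function names and the sample output are assumptions constructed for illustration.

```python
import re
import subprocess

_VERSION_RE = re.compile(r"\d+(?:\.\d+)+")


def parse_version(text):
    """Return the version as a tuple of ints, or None if text is not a version."""
    text = text.strip()
    if not _VERSION_RE.fullmatch(text):
        return None
    return tuple(int(part) for part in text.split("."))


def classify(installed, patched_min):
    """Return 'patched', 'vulnerable' or 'unknown' for one reported version."""
    have, need = parse_version(installed), parse_version(patched_min)
    if have is None or need is None:
        return "unknown"  # fail closed: unparseable output needs a human look
    # Tuple comparison is numeric per component, so 551.9 sorts below 551.52.
    return "patched" if have >= need else "vulnerable"


def audit(smi_output, patched_min):
    """Classify each non-empty line of nvidia-smi driver_version output."""
    lines = [ln.strip() for ln in smi_output.splitlines() if ln.strip()]
    return [(ln, classify(ln, patched_min)) for ln in lines]


def query_driver_versions():
    """Run nvidia-smi (one line per GPU); return '' if the tool is missing."""
    try:
        result = subprocess.run(
            ["nvidia-smi", "--query-gpu=driver_version", "--format=csv,noheader"],
            capture_output=True, text=True, check=False, timeout=30,
        )
    except (FileNotFoundError, subprocess.TimeoutExpired):
        return ""
    return result.stdout


# Constructed sample output, not captured from a real host.
SAMPLE_OUTPUT = "546.33\n551.52\n551.61\n[N/A]\n"

if __name__ == "__main__":
    # "551.52" is one of the two versions under Patch Details; use the
    # baseline the bulletin lists for your product line.
    for version, status in audit(SAMPLE_OUTPUT, "551.52"):
        print(f"{version:>10}  {status}")
```

On a live host, pass `query_driver_versions()` to `audit` in place of the sample string; an empty result or any `unknown` row means the version could not be confirmed and should be checked by hand.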
Mitigation Steps
1. Update the NVIDIA GPU driver to a patched version as specified in the NVIDIA security bulletin.
2. For multi-tenant environments, use robust isolation technologies like hardware-virtualized GPUs (e.g., NVIDIA vGPU) or containerization with strict security contexts to limit the attack surface.
3. Employ the principle of least privilege. Do not run AI training or inference workloads with higher privileges than necessary.
4. Regularly monitor systems for security bulletins from hardware vendors like NVIDIA and apply patches promptly.
Patch Details
Patched in NVIDIA driver versions 551.52 and R550 U1 (551.23) and later.