HIGH Patch AvailableCVE-2023-31034

NVIDIA GPU Driver Kernel Mode Layer Contains Out-of-Bounds Write Vulnerability Allowing for Privilege Escalation

Discovered 22 January 2026 1 views

Overview

NVIDIA released a security bulletin addressing multiple vulnerabilities in its GPU display driver for Windows and Linux. The most critical of these, CVE-2025-10742, is an out-of-bounds write vulnerability in the kernel mode driver component. This component is responsible for mediating access to the GPU hardware from user-space applications, including machine learning frameworks like TensorFlow and PyTorch that use CUDA. A local attacker with basic user privileges could craft a malicious sequence of CUDA API calls that triggers this flaw. A successful exploit could lead to denial of service (crashing the entire host system) or, more severely, arbitrary code execution with kernel-level privileges. In a multi-tenant cloud or HPC environment where multiple users share a single physical machine with partitioned GPUs, this vulnerability is especially dangerous. An attacker in one container could potentially exploit this driver flaw to escape their container, gain control of the host operating system, and access data from all other tenants on the same machine. The vulnerability underscores the GPU driver's critical role in the security boundary of modern AI infrastructure and the need for timely patching.

Affected Systems

NVIDIA GPU Display Driver (Linux) < 535.129.03NVIDIA GPU Display Driver (Windows) < 537.42

Testing Guide

1. **Check Driver Version**: On Linux, run `nvidia-smi` to view the installed driver version. On Windows, check the NVIDIA Control Panel. 2. **Compare with Bulletin**: Compare your installed version with the 'Affected Versions' and 'Patched Versions' listed in the official NVIDIA security bulletin. 3. **Use a Vulnerability Scanner**: Employ a system vulnerability scanner (e.g., Nessus, OpenVAS) with up-to-date plugins, which will automatically detect outdated and vulnerable NVIDIA drivers.

Mitigation Steps

1. **Update NVIDIA Drivers**: Immediately update all affected systems to the latest NVIDIA driver version as specified in the security bulletin. 2. **Isolate GPU Workloads**: In multi-tenant environments, use strict isolation technologies. While this vulnerability breaks standard container isolation, using virtual machines with hardware passthrough (IOMMU/vGPU) can provide a stronger security boundary. 3. **Restrict User Access**: Limit direct access to servers with vulnerable drivers. Only allow trusted and vetted code to run on these systems until they can be patched. 4. **Monitor System Logs**: Implement monitoring for unexpected kernel-level crashes or anomalous GPU behavior that could indicate an exploitation attempt.

Patch Details

Patched versions are available for download from NVIDIA's driver portal. Refer to NVIDIA Security Bulletin 5496 for specific version details.

Sources

https://nvidia.custhelp.com/app/answers/detail/a_id/5496

← Back to vulnerabilities