Nvidia graphics card drivers with holes under Linux and Windows
Three security vulnerabilities endanger PCs with a graphics card from Nvidia. In the worst case scenario, malicious code can get onto Linux systems.
(Image: Artur Szczybylo/Shutterstock.com)
For security reasons, owners of an Nvidia graphics card should update the GPU driver to the latest version as soon as possible. If this is not done, attackers can exploit several vulnerabilities under Linux and Windows and attack computers. There are also secure versions of Cloud Gaming and vGPU software.
Install a security patch
The developers list the vulnerabilities in a post. The most dangerous is a vulnerability (CVE-2025-23244 "high") in the driver for Linux systems. At this point, an attacker can start without authentication and, in the worst case, execute malicious code. Afterwards, systems are usually considered fully compromised. How such an attack could actually take place and whether attacks already exist is still unknown. It also remains unclear how a system that has already been attacked can be detected.
Videos by heise
Two further vulnerabilities (CVE-2025-23245 "medium", CVE-2025-23246 "medium") threaten Linux and Windows. The starting point is the vGPU software. The Virtual GPU Manager (vGPU plugin) is vulnerable here. A successful attack leads to denial of service states. This usually results in services and software crashing.
Nvidia states that it has closed the gaps in the following versions for Linux and Windows:
Linux GPU drivers:
- GeForce:
575.51.02
570.133.07
550.163.01
535.247.01
- RTX, Quadro, NVS:
575.51.02
570.133.07
550.163.01
535.247.01
- Tesla:
570.133.20
550.163.01
535.247.01
vGPU software:
- Linux:
570.133.20
550.163.01
535.247.01
570.133.10
550.163.02
535.247.02
- Azure, Windows Server:
572.83
Cloud Gaming:
- Linux:
570.133.20
570.133.10
(des)
