Malicious code gaps in Nvidia GPU drivers closed
Attackers can attack Linux and Windows PCs with graphics cards from Nvidia. Security updates are available.
(Image: Artur Szczybylo/Shutterstock.com)
Nvidia's developers have closed several security gaps in various graphics card drivers. In the worst case, malicious code can completely compromise systems. Linux and Windows computers are at risk.
The threats
According to a warning message, vGPU software and cloud gaming are also vulnerable in addition to GPU drivers. The developers have closed a total of nine software vulnerabilities (CVE-2025-23309, CVE-2025-23347, CVE-2025-23280, CVE-2025-23282, CVE-2025-23352). Five of these are categorized as “high” threat level.
In most cases, attackers can trigger memory errors and, in the worst case, execute their code. They then usually gain full control of PCs. It is not yet known how attacks could work in detail and whether gaps are already being exploited.
In addition, attackers can gain even higher user rights, trigger DoS states, causing crashes, and manipulate files. The vulnerability in the vGPU software affects the Virtual GPU Manager, where attackers can launch attacks with similar effects.
Videos by heise
Protect computer systems
To prevent attacks, admins must install the updated drivers for GeForce, NV, Quadro, RTX, and Tesla series graphics cards. Even though there are no reports of attacks yet, admins should not wait too long to install the security updates.
Windows:
- 539.56
- 573.76
- 581.42
Linux:
- 535.274.02
- 570.195.03
- 580.95.05
vGPU software:
- 16.12
- 18.5
- 19.2
Cloud Gaming:
- September 2025 release
Nvidia recently closed several security gaps in AI and network technology.
(des)
