NVIDIA has issued a vital safety replace addressing a number of high-severity vulnerabilities in its GPU Show Driver, vGPU software program, and HD Audio parts.
That would allow attackers to execute arbitrary code and escalate privileges on affected methods.
The vulnerabilities, disclosed on January 28, 2026, influence Home windows and Linux platforms throughout GeForce, RTX, Quadro, NVS, and Tesla product traces.
Use-After-Free and Integer Overflow Flaws
Essentially the most extreme vulnerabilities embody CVE-2025-33217, a use-after-free flaw within the Home windows Show Driver, and CVE-2025-33218, an integer overflow weak spot within the kernel mode layer (nvlddmkm.sys).
Each vulnerabilities have a CVSS rating of seven.8 and require solely low-level privileges to take advantage of.
CVE IDComponentPlatformCVSS ScoreCWEImpactCVE-2025-33217Display DriverWindows7.8CWE-416Code execution, privilege escalation, information tampering, DoS, data disclosureCVE-2025-33218Display Driver (nvlddmkm.sys)Windows7.8CWE-190Code execution, privilege escalation, information tampering, DoS, data disclosureCVE-2025-33219Kernel ModuleLinux7.8CWE-190Code execution, privilege escalation, information tampering, DoS, data disclosureCVE-2025-33220Virtual GPU ManagervGPU7.8CWE-416Code execution, privilege escalation, information tampering, DoS, data disclosureCVE-2025-33237HD Audio DriverWindows5.5CWE-476Denial of service
Safety researcher Kentaro Kawane found these flaws, which might enable attackers with native entry to execute malicious code, escalate privileges, tamper with information, set off denial-of-service circumstances, or disclose delicate data.
The Linux Show Driver is equally affected by CVE-2025-33219, an integer overflow vulnerability within the NVIDIA kernel module reported by Sam Lovejoy and Valentina Palmiotti.
This flaw poses an identical dangers to Linux-based methods working weak driver variations throughout a number of launch branches, together with R590, R580, R570, and R535.
vGPU and Cloud Gaming Infrastructure at Danger
NVIDIA’s virtualization infrastructure faces extra threats via CVE-2025-33220, affecting the Digital GPU Supervisor in vGPU software program deployments.
This heap-memory-access-after-free vulnerability permits malicious visitor digital machines to compromise the underlying hypervisor.
Probably affecting enterprise virtualization environments working XenServer, VMware vSphere, Purple Hat Enterprise Linux KVM, and Ubuntu platforms.
The NVIDIA Cloud Gaming platform, which makes use of related virtualization applied sciences, is affected by CVE-2025-33219 in each visitor drivers and Digital GPU Supervisor parts via November 2025.
NVIDIA urges customers to right away replace to the patched driver variations by way of the NVIDIA Driver Downloads portal or the NVIDIA Licensing Portal for vGPU and Cloud Gaming deployments.
Home windows customers ought to improve to driver variations 591.59 (R590), 582.16 (R580), 573.96 (R570), or 539.64 (R535), relying on their department.
Linux customers should replace to variations 590.48.01, 580.126.09, 570.211.01, or 535.288.01, respectively, to mitigate these vital safety dangers.
Comply with us on Google Information, LinkedIn, and X for day by day cybersecurity updates. Contact us to function your tales.
.webp?ssl=1 "ScarCruft Exploits Gaming Platform with Backdoor Attacks")
