NVIDIA GPU Driver Flaws Allow Code Execution & Display Vulnerabilities
A critical security update from NVIDIA addresses multiple high-severity vulnerabilities impacting its GPU Display Driver, vGPU software, and HD Audio components. That could enable attackers to...
A critical security update from NVIDIA addresses multiple high-severity vulnerabilities impacting its GPU Display Driver, vGPU software, and HD Audio components.
That could enable attackers to execute arbitrary code and escalate privileges on affected systems.
The vulnerabilities, disclosed on January 28, 2026, impact Windows and Linux platforms across GeForce, RTX, Quadro, NVS, and Tesla product lines.
Use-After-Free and Integer Overflow Flaws
The most severe vulnerabilities include CVE-2025-33217, a use-after-free flaw in the Windows Display Driver, and CVE-2025-33218, an integer overflow weakness in the kernel mode layer (nvlddmkm.sys).
Both vulnerabilities have a CVSS score of 7.8 and require only low-level privileges to exploit.
| CVE ID | Component | Platform | CVSS Score | CWE | Impact |
|---|---|---|---|---|---|
| CVE-2025-33217 | Display Driver | Windows | 7.8 | CWE-416 | Code execution, privilege escalation, data tampering, DoS, information disclosure |
| CVE-2025-33218 | Display Driver (nvlddmkm.sys) | Windows | 7.8 | CWE-190 | Code execution, privilege escalation, data tampering, DoS, information disclosure |
| CVE-2025-33219 | Kernel Module | Linux | 7.8 | CWE-190 | Code execution, privilege escalation, data tampering, DoS, information disclosure |
| CVE-2025-33220 | Virtual GPU Manager | vGPU | 7.8 | CWE-416 | Code execution, privilege escalation, data tampering, DoS, information disclosure |
| CVE-2025-33237 | HD Audio Driver | Windows | 5.5 | CWE-476 | Denial of service |
Security researcher Kentaro Kawane discovered these flaws, which could allow attackers with local access to execute malicious code, escalate privileges, tamper with data, trigger denial-of-service conditions, or disclose sensitive information.
The Linux Display Driver is similarly affected by CVE-2025-33219, an integer overflow vulnerability in the NVIDIA kernel module reported by Sam Lovejoy and Valentina Palmiotti.
This flaw poses identical risks to Linux-based systems running vulnerable driver versions across multiple release branches, including R590, R580, R570, and R535.
vGPU and Cloud Gaming Infrastructure at Risk
NVIDIA’s virtualization infrastructure faces additional threats through CVE-2025-33220, affecting the Virtual GPU Manager in vGPU software deployments.
This heap-memory-access-after-free vulnerability enables malicious guest virtual machines to compromise the underlying hypervisor.
Potentially affecting enterprise virtualization environments running XenServer, VMware vSphere, Red Hat Enterprise Linux KVM, and Ubuntu platforms.
The NVIDIA Cloud Gaming platform, which uses similar virtualization technologies, is affected by CVE-2025-33219 in both guest drivers and Virtual GPU Manager components through November 2025.
NVIDIA urges users to immediately update to the patched driver versions via the NVIDIA Driver Downloads portal or the NVIDIA Licensing Portal for vGPU and Cloud Gaming deployments.
Windows users should upgrade to driver versions 591.59 (R590), 582.16 (R580), 573.96 (R570), or 539.64 (R535), depending on their branch.
Linux users must update to versions 590.48.01, 580.126.09, 570.211.01, or 535.288.01, respectively, to mitigate these critical security risks.
Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.
No Comment! Be the first one.