By 
Nvidia came up with fixes for critical flaws in its graphics driver, which can be abused by a local hacker to carry out denial-of-service (DoS) or remote code-execution attacks.
Devices aimed for fanatic gamers use Nvidia’s graphics processing unit (GPU) display driver, a software module that helps the device’s operating system and programs use its critical graphics hardware. Precisely affected are display drivers used in GeForce, Quadro and Tesla-branded GPUs for Windows.
The most serious fault is found in the control panel component of the graphics driver, which is a utility program helping users screen and regulate the locations of their graphics adapter. Nvidia in its security advisory says that an attacker with local system access can spoil a system file in the control panel, leading to DoS or increase of privileges.
The flaw (CVE‑2020‑5957) ranks 8.4 out of 10.0 on the CVSS scale, making it high-severity.
Another flaw sits in the control panel of the graphics driver (CVE‑2020‑5958). This flaw can be abused by an attacker with local system access by lodging a malicious dynamic link library (DLL) file in the control panel, which may lead to code implementation, DoS or information revelation.
The company also revealed numerous flaws in the Virtual GPU (vGPU) Manager, its tool that allows numerous virtual machines to have synchronized, direct access to a single physical GPU.
The most critical of these faults exists in the vGPU plugin, “in which an input index value is incorrectly validated, which may lead to denial of service,” according to Nvidia. The vulnerability (CVE‑2020‑5959) is 7.8 out of 10.0 on the CVSS scale, making it high-severity.
