Detections
Analytics
NVIDIA Linux GPU Display Driver (January 2026)
high Nessus Plugin ID 297217
Language:
Synopsis
The NVIDIA GPU display driver software on the remote Linux host is missing a vendor-supplied patch.Description
A display driver installed on the remote Linux host is affected by multiple vulnerabilities, including the following:- NVIDIA Display Driver contains a vulnerability where an uncontrolled DLL loading path might lead to arbitrary denial of service, escalation of privileges, code execution, and data tampering. (CVE-2025-33219)
- NVIDIA Project G-Assist contains a vulnerability where an attacker might be able to escalate permissions. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. (CVE-2025-33220)
Note that Nessus has not attempted to exploit these issues but has instead relied only on the driver's self-reported version number.
Solution
Upgrade the NVIDIA graphics driver in accordance with the vendor advisory.See Also
Plugin Details
Severity: High
ID: 297217
File Name: nvidia_unix_2026_1.nasl
Version: 1.2
Type: local
Agent: unix
Family: Misc.
Published: 1/30/2026
Updated: 2/3/2026
Configuration: Enable paranoid mode
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5
Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2025-33219
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CVSS Score Source: CVE-2025-33220
Vulnerability Information
CPE: cpe:/a:nvidia:gpu_driver
Required KB Items: NVIDIA_UNIX_Driver/Version, NVIDIA_UNIX_Driver/GPU_Model, Settings/ParanoidReport
Exploit Ease: No known exploits are available
Patch Publication Date: 1/27/2026
Vulnerability Publication Date: 1/27/2026
Reference Information
CVE: CVE-2025-33219, CVE-2025-33220
IAVA: 2026-A-0095