Security Notice: CPU Speculative Side Channel Vulnerabilities

Answer ID 4609
Updated 01/11/2018 12:07 AM

NVIDIA's response to CPU speculative side channel vulnerabilities CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754


January 3, 2018

This notice is in response to Google Project Zero's publication of novel information disclosure attacks that combine CPU speculative execution with known side channels. The issue was disclosed January 3, 2018.

NVIDIA’s core business is GPU computing. We believe our GPU hardware is immune to the reported security issue and are updating our GPU drivers to help mitigate the CPU security issue. As for our SoCs with ARM CPUs, we have analyzed them to determine which are affected and are preparing appropriate mitigations.

Please actively monitor NVIDIA Product Security for available mitigations, updates, and additional information.

To learn more about the vulnerability management process followed by the NVIDIA Product Security Incident Response Team (PSIRT), see the current list of NVIDIA security bulletins, or subscribe to security bulletin notifications, go to NVIDIA Product Security.

Revision History

Revision Date Description
2.0 January 11, 2018 Updated the title
1.0 January 3, 2018 Initial release
Was this answer helpful?
Your rating has been submitted, please tell us how we can make this answer more useful.

LIVE CHAT

Chat online with one of our support agents

CHAT NOW

ASK US A QUESTION

Contact Support for assistance

CONTACT US