IT LOOKS LIKE even Nvidia’s graphics cards can’t escape the spectre of Spectre, as the graphics processing units (GPUs) in the cards are affected by the flaws.
Nvidia detailed how through the use of a side channel cyber attack that exploits the speculative execution modern processors perform to deliver speedy performance, its GPU drivers could fall foul of Spectre variants.
There are two vulnerabilities attributed to Spectre, and while Nvidia has pushed out patches to plug one of the security holes, it’s still working on updates to block off the second.
Given Nvidia shares GPU architecture across all its graphics tech, from GeForce gaming cards to enterprise-grade Quadro and Tesla chips, it seems a whole host of Nvidia kit is affected by Spectre.
However, unlike the other hardware-level CPU flaw Meltdown, which only affects Intel processors, Spectre is more difficult to exploit and there are no reports of it being used outside of lab and proof-of-concept cyber attacks.
But Nvidia still has to plug the security hole even if it could affect the performance of its GPUs, as is the case with other fixes for Spectre and Meltdown, though Nvidia hasn’t detailed any ramifications the patches may carry.
And that’s pretty much it. Further details and patch schedules have not been revealed but we’d expect them to be pushed out sooner than later.
We’d also hazard a guess that Nvidia is keeping its cards well-hidden under CEO Jensen Huang’s trademark leather jacket in order to prevent opportunistic hackers from figuring out what its GPUs may still be vulnerable.
The news of Nvidia’s GPUs being affected by Spectre is a good example of just how widespread a problem it and the Meltdown variant has caused, potentially signalling that the next wave of chip from the main players will need a complete change of architecture. Such a change is not likely to be cheap for sure.
Nvidia has been in touch to clarify that its GPU hardware is not at risk from the Meltdown and Spectre vulnerabilities. Rather, the firm is patching its drivers to mitigate the impact of CPU issues. µ
Source : Inquirer