What is the issue - NVIDIA Geforce Experience software contains a vulnerability when ShadowPlay, NvContainer, or GameStream is enabled.
Why it matters - This vulnerability could allow attackers to escalate privileges, conduct code execution, and perform Denial-of-Service (DoS) attacks.
“The NVIDIA risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. NVIDIA recommends consulting a security or IT professional to evaluate the risk to your specific configuration,” NVIDIA stated.
When opening a file, the NVIDIA Geforce Experience software does not check for hard links thereby allowing attackers to escalate privileges, perform code execution and DoS attacks.
NVIDIA has released a security update to fix this vulnerability in the 3.18 version. NVIDIA users are requested to update to the latest patched version 3.18 in order to stay protected from DoS attacks.