NVIDIA DGX Systems - Response to speculative side channels CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754
DGX customers should be aware that on January 3, 2018, Google Project Zero disclosed a security issue related to speculative side channel attacks against certain processors. NVIDIA's core business is GPU computing.
We believe our GPU hardware is immune to the reported security issue and are updating our GPU drivers to help mitigate the CPU security issue. DGX OS Server and DGX OS Desktop release 3.1.4 includes an updated Linux GPU Driver version 384.111 that contains security updates for this issue beginning the week of January 8, 2018. Refer to Security Bulletin 4611: NVIDIA GPU Display Driver Security Updates for Speculative Side Channels for more information.
The DGX Product Team will post updates on the support portal with more details and recommended actions for DGX systems. DGX users are also encouraged to opt-into DGX product communications for this and other relevant updates.
To see NVIDIA security bulletins, subscribe to security bulletin notifications or learn more about NVIDIA's product security management process, go to NVIDIA Product Security.