NVIDIA has patched five bugs in its Windows GPU display driver, three of which could allow an attacker to execute code on the system. Users should patch now.
The bugs affect Windows versions of the display drivers for GeForce (gamer-class), Quadro (professional workstation-class), NVS (multi-display business graphics), and Tesla (high-performance computing) GPUs.
They could all lead to denial of service, but the three highest-severity flaws of the bunch are the ones that could also lead to local code execution on the target system. That means an attacker could theoretically take over a computer, although they’d need local user access to do so – they couldn’t exploit the flaws over a network.
The three code execution bugs would be ranked as high against the CVSS v3 severity scale. Bug CVE‑2019‑5683 in the user mode video driver’s trace logger fails to verify any hard links, meaning that an attacker could inject a link into the log file. This could also lead to privilege escalation. It gets a CVSS v3 score of 8.8.
The other two high-severity bugs, CVE‑2019‑5684 and 5685, are out-of-bounds memory access flaws in the DirectX driver. They can be triggered by malicious versions of shaders, which produce shading textures on 3D objects, and share a 7.8 severity score.
The other two bugs are of medium severity on the CVSS v3 scale, and they are both flaws in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, which is a callback function that shares information with the user-mode display driver. CVE-2019-5686 uses an application programming interface (API) function that may deliver invalid data. CVE-2019-5687 allows default permissions to expose software to an attacker. That could result in unintended information disclosure, said the advisory.
SHIELD
At the same time, NVIDIA also published nine patches for its NVIDIA SHIELD TV media streaming Apple TV rival, featuring movies and games. These included a critical (CVSS v3 9.3) bug (CVE‑2018‑6241) that could lead to arbitrary code execution, escalation of privileges, and denial of service.
The next six bugs in the SHIELD patch have CVSS v3 scores ranging between 8.8 and 7.7, equating to high severity. The bug with the highest score in this category, CVE‑2018‑6269, didn’t invite code execution, but it could lead to information disclosure, denial of service, escalation of privilege, or code injection errors, according to NVIDIA.
What to do?
Customers should install the GPU driver patches through NVIDIA’s driver downloads site. The company also noted that your computer hardware vendor may offer you Windows driver version 431.23, 425.85, or 412.39, which also contains the appropriate patch updates.
SHIELD users can install patches for their devices by selecting Settings > About > System Update.
Leave a Reply