Author Topic: Security flaws fixed in NVIDIA graphics drivers  (Read 917 times)

0 Members and 1 Guest are viewing this topic.

JeGX

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 1999
    • View Profile
    • Geeks3D.com
Security flaws fixed in NVIDIA graphics drivers
« on: May 11, 2019, 06:37:24 PM »
NVIDIA has fixed several security flaws in recent graphics drivers and, for GeForce users / gamers, it's recommended to install the latest 430.64 that includes all security patches.

Quote
NVIDIA has released a software security update for the NVIDIA GPU Display Driver. This update addresses issues that may lead to denial of service, escalation of privileges, code execution, or information disclosure.


CVE‑2019‑5675
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the product does not properly synchronize shared data, such as static variables across threads, which can lead to undefined behavior and unpredictable data changes, which may lead to denial of service, escalation of privileges, or information disclosure.


CVE‑2019‑5676
NVIDIA Windows GPU Display Driver installer software contains a vulnerability in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), leading to escalation of privileges through code execution.


CVE‑2019‑5677
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DeviceIoControl where the software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer, which may lead to denial of service.

Link: https://nvidia.custhelp.com/app/answers/detail/a_id/4797

NVIDIA security patches in graphics driver - May 2019