Some of us like wait for new drivers to simmer due to unforeseen regressions, but NVIDIA’s latest release may be worth installing straight away. That’s because the package addresses five vulnerabilities allowing for code execution, denial of service, or escalation of privileges by attackers.

CVE‑2019‑5683: NVIDIA Windows GPU Display Driver contains a vulnerability in the user mode video driver trace logger component. When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead to code execution, denial of service, or escalation of privileges.

CVE‑2019‑5684: NVIDIA Windows GPU Display Driver contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access of an input texture array, which may lead to denial of service or code execution.

CVE‑2019‑5685: NVIDIA Windows GPU Display Driver contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access to a shader local temporary array, which may lead to denial of service or code execution.

CVE‑2019‑5686: NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software uses an API function or data structure in a way that relies on properties that are not always guaranteed to be valid, which may lead to denial of service.

CVE‑2019‑5687: NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which an incorrect use of default permissions for an object exposes it to an unintended actor, which may lead to information disclosure or denial of service.

As always, you can grab the patched driver on NVIDIA’s driver downloads page.

By abusing these GPU display driver vulnerabilities, would-be attackers can escalate their privileges making it possible to gain permissions above the default ones initially granted by the compromised system. The flaws would also allow them to render vulnerable machines temporarily unusable by triggering a denial of service state or to locally execute malicious code on the compromised Windows systems.

Discussion