|
|
NVIDIA Issues Warning to Upgrade Drivers Due to Security Patches - TechAmok
NVIDIA Issues Warning to Upgrade Drivers Due to Security Patches - [briefly]
05:35 AM EDT - Aug,05 2019 - (1 comments) NVIDIA has found a total of five security vulnerabilities with its Windows drivers for GeForce, Quadro and Tesla lineup of graphics cards. These new security risks are labeled as very dangerous and have the potential to cause local code execution, denial of service, or escalation of privileges, unless the system is updated. Users are advised to update their Windows drivers as soon as possible in order to stay secure and avoid all of these vulnerabilities, so be sure to check your drivers for latest version. Exploits are only accessible on Windows based OSes, starting from Windows 7 to Windows 10.
However, one fact that is easing this situation is that in order to exploit a system, attacker must have local access to the machine that is running NVIDIA GPU, as remote exploit can not happen. Bellow are the tables provided by NVIDIA that show type of exploit along with rating it carries and which driver versions are affected. There are no mitigations for this exploit, as driver update is the only available solution to secure the system.
he vulnerabilities are rated using CVSS V3 base scoring system and they are arranged as following:- CVE-2019-5683 - Most dangerous of all the vulnerabilities. This exploits uses driver's trace logger weakness to create hard links, that software does not check. Attacker could create any link without getting warned by the system and force local code execution, denial of service or escalation of privileges. Rated with a score of 8.8.
- CVE-2019-5684 - Vulnerability which uses carefully crafted shaders in order to cause out of bounds access to input texture array, possibly leading to denial of service or code execution. Rated with a score of 7.8
- CVE-2019-5685 - Vulnerability which also uses carefully crafted shaders in order to cause out of bounds access to shader local temporary array, possibly leading to denial of service or code execution as well. Rated with a score of 7.8
- CVE-2019-5686 - Vulnerability hidden in kernel mode layer handler for DxgkDdiEscape, which uses different data structures and DirectX API functions that are not always valid, leading to denial of service if the API function or data structure is incorrect. Rated with a score of 5.6.
- CVE-2019-5687 - Least dangerous exploit of all five. It is also a problem in kernel model layer handler for DxgkDdiEscape, which may put system at risk if incorrect default permissions are used for an object. This can lead to information disclosure or denial of service. Rated with a score of 5.2.
|
|
Short overview of recent news articles |
|
$30 vs $30,000 TV (Dec,16 2025 ) Stranger Things 5 - Volume 2 Trailer (Dec,16 2025 ) Google Brings Live Video Sharing to 911 Calls on Android (Dec,14 2025 ) Samsung One UI 8.5 Will Offer New Features (Dec,14 2025 ) Dell AW3225QF Review - 32-inch curved gaming monitor (Dec,14 2025 ) HW News - AMD Says AI Definitely, Absolutely Not A Bubble, New (Dec,13 2025 ) The BEST Smartphones of 2025! (Dec,13 2025 ) 10 Atmospheric Games That Might CHANGE YOUR LIFE (Dec,11 2025 ) Samsung Galaxy S26 Ultra - Samsung Isn't Hiding It Anymore (Dec,11 2025 ) AMD Releases Adrenalin Edition 25.12.1 WHQL Drivers (Dec,10 2025 ) S25 Ultra VS 17 Pro Max (Dec,10 2025 ) All You Need Is Kill - Official Trailer (Dec,09 2025 ) Why can’t you be NORMAL?!? Roasting Staff Setups (Dec,09 2025 ) A Ryzen Cooling MONSTER - be quiet Silent Loop 3 Review (Dec,09 2025 ) The Boys - Official Final Season Trailer (Dec,07 2025 ) Unemployed in your 30's (Dec,06 2025 ) Play Store Customers to Receive Automatic Payments from $700 Million (Dec,05 2025 ) Google's Second Release of Android 16 Brings Smart Notifications (Dec,05 2025 ) Netflix To Buy Warner Bros for $82.7 Billion (Dec,05 2025 ) Micron to Exit Crucial Consumer Business, Ending Retail SSD and DRAM (Dec,03 2025 ) Samsung Galaxy Z TriFold Unboxing! (Dec,02 2025 ) Top 5 Best CPUs of 2025 (Nov,30 2025 ) Google Adding AirDrop to Android (Nov,30 2025 ) 20 TOP ALIEXPRESS products for BLACK FRIDAY (Nov,29 2025 ) Stop Wasting Money on Premium Monitors (Nov,26 2025 ) The Blackest Friday - Tech News Nov 23 (Nov,23 2025 ) T-Roc: Will this new VW be the best car of 2026? (Nov,23 2025 ) Can I build my own Steam Machine? (Nov,23 2025 ) 50 NEXT-LEVEL Gadgets Every Man NEEDS to See (Nov,22 2025 ) RETURN TO SILENT HILL Trailer (2026) (Nov,22 2025 ) I was WRONG about the Porsche 911 GT3 (or was I?) (Nov,20 2025 ) Pi GPT Tool Turns Raspberry Pi into a ChatGPT-Powered Smart Device (Nov,20 2025 ) Rainbow Six Siege X - Official 'Team Rainbow's Last Mission' (Nov,17 2025 ) Stranger Things Seasons 1-4 Recap (Nov,17 2025 ) Kill Bill: The Whole Bloody Affair - Official Trailer (2025) Uma (Nov,16 2025 ) The Devil Wears Prada 2 - Official Teaser Trailer (2026) Meryl (Nov,15 2025 ) Valve’s New Console and Controller - STEAM Machine & STEAM (Nov,15 2025 ) Valve Steam Machine, Desktop SteamOS, Steam Frame VR, & Controller | (Nov,15 2025 ) Battlefield REDSEC - Official Live-Action Trailer (Nov,01 2025 ) What's the Best PC Upgrade (besides CPU/GPU)? (Nov,01 2025 ) Directive 8020 - RTX On Trailer (Oct,31 2025 ) Stranger Things 5 - Official Trailer (Oct,30 2025 ) AMD Releases Software Adrenalin Edition 25.10.2 WHQL Drivers (Oct,29 2025 ) Exploding AMD CPUs | Investigating ASRock's Murderboards (Oct,29 2025 ) Setting Up Our First Huge Gaming Event was CHAOS (Oct,29 2025 ) Malware of the Future: What an infected system looks like in 2025 (Oct,27 2025 ) F1: Race Highlights | 2025 Mexico City Grand Prix (Oct,27 2025 ) F1: Qualifying Highlights | 2025 Mexico City Grand Prix (Oct,26 2025 ) New Big Windows 11 25H2 October Update - New Taskbar Battery Icons (Oct,25 2025 ) Apple Prepping 'Transfer to Android' Feature, Including 3rd-Party (Oct,25 2025 )
>> News Archive <<
| |
|
