|
NVIDIA Issues Warning to Upgrade Drivers Due to Security Patches - TechAmok
NVIDIA Issues Warning to Upgrade Drivers Due to Security Patches - [briefly] 05:35 AM EDT - Aug,05 2019 - (1 comments) NVIDIA has found a total of five security vulnerabilities with its Windows drivers for GeForce, Quadro and Tesla lineup of graphics cards. These new security risks are labeled as very dangerous and have the potential to cause local code execution, denial of service, or escalation of privileges, unless the system is updated. Users are advised to update their Windows drivers as soon as possible in order to stay secure and avoid all of these vulnerabilities, so be sure to check your drivers for latest version. Exploits are only accessible on Windows based OSes, starting from Windows 7 to Windows 10.
However, one fact that is easing this situation is that in order to exploit a system, attacker must have local access to the machine that is running NVIDIA GPU, as remote exploit can not happen. Bellow are the tables provided by NVIDIA that show type of exploit along with rating it carries and which driver versions are affected. There are no mitigations for this exploit, as driver update is the only available solution to secure the system.
he vulnerabilities are rated using CVSS V3 base scoring system and they are arranged as following:- CVE-2019-5683 - Most dangerous of all the vulnerabilities. This exploits uses driver's trace logger weakness to create hard links, that software does not check. Attacker could create any link without getting warned by the system and force local code execution, denial of service or escalation of privileges. Rated with a score of 8.8.
- CVE-2019-5684 - Vulnerability which uses carefully crafted shaders in order to cause out of bounds access to input texture array, possibly leading to denial of service or code execution. Rated with a score of 7.8
- CVE-2019-5685 - Vulnerability which also uses carefully crafted shaders in order to cause out of bounds access to shader local temporary array, possibly leading to denial of service or code execution as well. Rated with a score of 7.8
- CVE-2019-5686 - Vulnerability hidden in kernel mode layer handler for DxgkDdiEscape, which uses different data structures and DirectX API functions that are not always valid, leading to denial of service if the API function or data structure is incorrect. Rated with a score of 5.6.
- CVE-2019-5687 - Least dangerous exploit of all five. It is also a problem in kernel model layer handler for DxgkDdiEscape, which may put system at risk if incorrect default permissions are used for an object. This can lead to information disclosure or denial of service. Rated with a score of 5.2.
|
|
Short overview of recent news articles |
Haley Messick - Saatisfaction @bennybenassi - In10sive Mastercamp (Mar,18 2024 ) 1000W CPU: The Most Powerful Desktop Processor (Mar,18 2024 ) Expands Snapdragon 8 Series to Cover More Price Points (Mar,18 2024 ) Train Vs Lamborghini (Mar,17 2024 ) Don't use a Microsoft Account! (Mar,16 2024 ) This Ghillie Made from MIRRORS is SHOCKINGLY GOOD (Mar,16 2024 ) How Hackers Deliver Malware to Hack you using Social Media (Mar,16 2024 ) Call of Duty: Warzone Mobile - Launch Trailer (Mar,15 2024 ) Intel's 4th Attempt At Beating Ryzen - "New" 6.2GHz Core (Mar,14 2024 ) Asus Goes Big with Zenfone 11 Ultra (Mar,14 2024 ) House Passes Bill to Force Sale of TikTok (Mar,14 2024 ) Motorola Brings More Affordable 5G Phones to its 2024 Lineup (Mar,14 2024 ) Capristan Swim - Miami Swim Week | Art Basel Miami (Mar,14 2024 ) The Most Stunning All SSD NAS Ever? Inside QNAP's All-SSD (Mar,11 2024 ) M2 vs M3 MacBook Air - ULTIMATE Comparison! (Mar,11 2024 ) Risky PC Experiment: Direct CPU Water-Cooling! Can It Survive? (Mar,11 2024 ) SpaceX Falcon 9 rocket launches 23 Starlink satellites from (Mar,11 2024 ) I tried the Cheapest Arduino Alternative (that Nobody heard of) (Mar,10 2024 ) This is the WEIRDEST PC I've ever seen. (Mar,10 2024 ) Nvidia Retires GTX 16 Series, GDDR7 Arrives, FSR Upscaling Going AI? (Mar,10 2024 ) The New BIOS Hack That Bypasses Every Antivirus (Mar,09 2024 ) Microsoft says it hasn't been able to shake Russian state hackers (Mar,09 2024 ) iOS 17.4, Out Today, Brings Transcripts to Apple Podcasts (Mar,09 2024 ) Microsoft Kills Android-on-Windows (Mar,09 2024 ) Don't Make These Common PC Building Mistakes! (Mar,08 2024 ) Sydney Sweeney Gets Outcast By Her Hooters Co-Workers On 'SNL' (Mar,07 2024 ) How A Journalist Uncovered America's Secret Doomsday Bunkers (Mar,07 2024 ) Government Banning Hardware Wallets? (Mar,07 2024 ) Xiaomi 14 Ultra Full Review: I prefer to call it '13S Ultra' (Mar,07 2024 ) Windows Defender vs Ransomware 2024 (Mar,05 2024 ) I fixed this PCIe card with tape - I can't believe this worked... (Mar,04 2024 ) Auto Change IP Address in every 3 Seconds - 100% ANONYMOUS (Mar,03 2024 ) Liquid Cooling is Dead (Mar,03 2024 ) This AAA Hedera Powered Game Could EXPLODE HBAR'S VALUE (Mar,02 2024 ) Gaming on Starlink - 2024 Review and Tes (Mar,02 2024 ) World's Fastest Camera Drone Vs F1 Car (ft. Max Verstappen) (Mar,01 2024 ) Top 5 Best CPU Coolers 2024 (Feb,29 2024 ) Tangem vs Cypherock X1 Cold Wallet - Choose Wisely! (Feb,29 2024 ) The All China PC (Feb,29 2024 ) The NEW Legion 7i - A Game Changer (Feb,28 2024 ) First Look 2024: A new era of Samsung AI TV (Feb,28 2024 ) Tesla Model 3 (2024) - Crazy Cool Tech Features!!! (Feb,27 2024 ) The Terrible Simpsons Predictions for 2024 (Feb,26 2024 ) HW News - Intel Wants AMD's Chips, Cooler Master Sues Everyone (Feb,25 2024 ) It CAN be done - The Potato PC (Feb,25 2024 ) What's the best bang-for-the-buck gaming CPU right now? (Feb,25 2024 ) How to never accidentally run Malware: Must Have Windows Tweaks (Feb,25 2024 ) Black Tape Project Full Show / Miami Swim Week (Feb,25 2024 ) 3 USB things every Windows user must do right now! (Feb,24 2024 ) Samsung Galaxy Z Fold 6 - WOW! Look At This (Feb,24 2024 )
>> News Archive <<
| |
|