NVIDIA patches high-severity bugs in Windows GPUs and SHIELD

NVIDIA has patched five bugs in its Windows GPU display driver, three of which could allow an attacker to execute code on the system. Users should patch now.

The bugs affect Windows versions of the display drivers for GeForce (gamer-class), Quadro (professional workstation-class), NVS (multi-display business graphics), and Tesla (high-performance computing) GPUs.

They could all lead to denial of service, but the three highest-severity flaws of the bunch are the ones that could also lead to local code execution on the target system. That means an attacker could theoretically take over a computer, although they’d need local user access to do so – they couldn’t exploit the flaws over a network.

The three code execution bugs would be ranked as high against the CVSS v3 severity scale. Bug CVE‑2019‑5683 in the user mode video driver’s trace logger fails to verify any hard links, meaning that an attacker could inject a link into the log file. This could also lead to privilege escalation. It gets a CVSS v3 score of 8.8.

The other two high-severity bugs, CVE‑2019‑5684 and 5685, are out-of-bounds memory access flaws in the DirectX driver. They can be triggered by malicious versions of shaders, which produce shading textures on 3D objects, and share a 7.8 severity score.

The other two bugs are of medium severity on the CVSS v3 scale, and they are both flaws in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, which is a callback function that shares information with the user-mode display driver. CVE-2019-5686 uses an application programming interface (API) function that may deliver invalid data. CVE-2019-5687 allows default permissions to expose software to an attacker. That could result in unintended information disclosure, said the advisory.