Nvidia has released a security bulletin and fixes after several high-severity flaws were found in one of its Windows GPU drivers and in its GeForce Experience software. The issues allowed attackers to perform anything from DoS attacks to escalation of privilege.
“NVIDIA has released a software security update for NVIDIA GPU Display Driver. This update addresses issues that may lead to denial of service, escalation of privileges, or information disclosure,” reads the bulletin. “To protect your system, download and install this software update through the NVIDIA Driver Downloads page or, for the vGPU software update, through the NVIDIA Licensing Center.”
The problem with the GPU driver has its roots in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape. In one attack vector (CVE‑2019‑5690), attackers could exploit the fact that the size of an input buffer is not validated. In another (CVE‑2019‑5691), the code dereferences a null pointer (i.e. it tries to access data at a memory location where no object actually exists). Both of these were given a CVSS score of 7.8, while a third (CVE‑2019‑5692) was rated 7.1.
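The two bug classes named above, a missing input-size check and an unchecked null pointer, are closed by the checks in the following added example. It is a user-mode C model written for this article, not NVIDIA's code; the packet layout, the object table and every identifier in it are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define STATE_LEN   64
#define MAX_OBJECTS 4

/* Hypothetical escape packet: fixed header followed by payload_len bytes. */
typedef struct {
    uint32_t opcode;
    uint32_t object_id;   /* index into a driver-side object table */
    uint32_t payload_len; /* declared by the caller, so untrusted */
} escape_hdr;

typedef struct { uint8_t state[STATE_LEN]; } gpu_object;

static gpu_object  slot0;                                  /* constructed sample object */
static gpu_object *object_table[MAX_OBJECTS] = { &slot0 }; /* remaining slots are NULL */

enum { ESC_OK = 0, ESC_BAD_SIZE = -1, ESC_BAD_OBJECT = -2 };

/* Returns NULL for out-of-range ids and for empty slots. */
static gpu_object *lookup_object(uint32_t id) {
    return id < MAX_OBJECTS ? object_table[id] : NULL;
}

/* buf/size stand in for the caller-supplied private data buffer and its length. */
int handle_escape(const void *buf, size_t size) {
    escape_hdr hdr;

    /* 1. The buffer must hold a full header before any field is read. */
    if (buf == NULL || size < sizeof hdr)
        return ESC_BAD_SIZE;
    memcpy(&hdr, buf, sizeof hdr); /* snapshot: checks and use see the same values */

    /* 2. The declared payload must fit in the bytes actually passed and in the
          destination; subtracting on the right avoids integer overflow. */
    if (hdr.payload_len > size - sizeof hdr || hdr.payload_len > STATE_LEN)
        return ESC_BAD_SIZE;

    /* 3. The lookup can fail, so test the pointer before dereferencing it. */
    gpu_object *obj = lookup_object(hdr.object_id);
    if (obj == NULL)
        return ESC_BAD_OBJECT;

    memcpy(obj->state, (const uint8_t *)buf + sizeof hdr, hdr.payload_len);
    return ESC_OK;
}
```

Dropping check 1 or 2 gives the unvalidated-size condition, and dropping check 3 gives the null dereference.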
With GeForce Experience, the problem lies in its GameStream feature, which automatically crafts game highlights. Attackers with local system access would be able to have Intel graphics driver DLLs loaded without the path or signature being validated, opening users to DoS, escalation of privileges via code execution, and more.
Generally, these attack openings mirror the ones we reported in GeForce Experience in June, which were found in the WebHelper component. To be safe, users must ensure their GeForce Experience version is 3.20.1 or above and their driver is 441.12 or higher.