• About
  • Advertise
  • Careers
  • Contact
Friday, March 31, 2023
No Result
View All Result
NEWSLETTER
Cyber360 News
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
No Result
View All Result
Cyber360 News
No Result
View All Result
Home Security

Nvidia GPU Display Drivers Could Be Exploited To Launch DoS Attack

by Cyber360 News
November 11, 2019
in Security
0
Nvidia GPU Display Drivers Could Be Exploited To Launch DoS Attack
0
SHARES
0
VIEWS
Share on FacebookShare on Twitter

Nvidia GPU display drivers could be on the radar of hackers. According to the latest news, Nvidia is prompting Geforce graphics card owners running Windows OS, to update their drivers.

The three severe flaws in Nvidia GPUs were discovered by Kushal Arvind Shah from Fortinet’s FortGuard Labs. The vulnerability could allow hackers to steal information, gain administrative access on users PC or worse, launch a DoS (Denial of Service) attack.

jamf now

Nvidia GPU Display Drivers Need To Be Updated ASAP

If you’re running any latest Nvidia Geforce graphics card, be it on your desktop or laptop, then you need to upgrade it asap.

The Nvidia GPR Display driver has a vulnerability termed CVE-2019-5675 in its kernel mode (nvlddmkm.sys) for DxgkDdiEscape. This exploit does not synchronize data such as static variables across threads. It could lead to a DoS attack.

Another vulnerability is termed CVE-2019-5676, which could be used to launch a DLL attack. Nvidia GPU Display drivers load the Windows system DLL incorrectly without any sign validation. Hackers can run a custom DLL in Current Working Directory and trick the system into granting them access.

DLL Attacks

When an attacker gains control of one of the Current Working Directories or CWD, they can plant a custom DLL (Dynamic Link Library) into it. Using this technique the hacker can execute programs with user privilege.

Nvidia has informed its users via a security bulletin and is currently pushing the updates for a number of Geforce graphics cards.

The third vulnerability dubbed CVH-2019-5677 is the least severe of them all. However, it still contains a kernel mode layer vulnerability which can be exploited to cause a DoS attack.

The severity of all these exploits is as follows:

Are All Nvidia GPUs Affected

A number of Nvidia GPUs have several vulnerabilities. Here is a list of all of them:

CVE Nvidia GPU Display Drivers GPU Drivers Affected Updated Safe Versions
CVE‑2019‑5675
CVE‑2019‑5676
CVE‑2019‑5677
GeForce All R430 versions prior to 430.64 430.64

CVE‑2019‑5675
CVE‑2019‑5676
CVE‑2019‑5677

Quadro, NVS

All R430 versions prior to 430.64 430.64
All R418 versions prior to 425.51 425.51
All R400 versions Available the week of May 13
CVE‑2019‑5666
CVE‑2019‑5675
CVE‑2019‑5677
Quadro, NVS All R390 versions Available the week of May 20

CVE‑2019‑5675
CVE‑2019‑5676
CVE‑2019‑5677

Tesla

All R418 versions prior to 425.25 425.25
All R400 versions Available the week of May 13

 

Nvidia’s risk assessment is based on CVSS v3 standards.

Laptop manufacturers like Lenovo have started rolling out updates for their Nvidia mobile GPUs. Users can expect an official update from their respective laptop manufacturers very soon.

jamf now
Also Read: Nvidia GTX 1650 Vs 1660 Vs 1660 Ti GPU For Budget Gaming PC
Cyber360 News

Cyber360 News

Next Post
4,600 Websites Prone To Hacking! Payment Data And Passwords At Risk!

4,600 Websites Prone To Hacking! Payment Data And Passwords At Risk!

Recent Posts

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

October 6, 2021
Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

October 1, 2021
Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

October 1, 2021

Whats New in Kali Linux?

September 14, 2021

Kali Linux 2019.3 Release (CloudFlare, Kali-status, metapackages, Helper-Scripts & LXD)

September 14, 2021

Kali Linux 2021.3 Release (OpenSSL, Kali-Tools, Kali Live VM Support, Kali NetHunter Smartwatch)

September 14, 2021

Kali Linux 2018.4 Release

September 14, 2021

Kali Linux 1.0.5 and Software Defined Radio

September 14, 2021

Kali Tools Website Launched, 1.0.9 Release

September 14, 2021

Kali Linux Dojo at Black Hat Vegas 2016

September 14, 2021

Category

Site Links

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

About Us

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

© 2019 Cyber360 News - Powered by WebSensePro

No Result
View All Result
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us

© 2019 Cyber360 News - Powered by WebSensePro

Login to your account below

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In