The worst of the bugs open the way to code execution and information leakage.
NVIDIA has patched serious security vulnerabilities in its GeForce Experience software and GPU display drivers.
On Thursday, the technology giant released two separate security advisories (1, 2) detailing the vulnerabilities, the worst of which could lead to code execution or information disclosure.
Three vulnerabilities have been fixed in GeForce Experience. The first, CVE-2019-5701, is a problem with GameStream. When GameStream is enabled, an attacker with local access can load the Intel graphics driver DLL without path validation, which could lead to arbitrary code execution, privilege escalation, denial of service (DoS), or information disclosure.
The second bug, CVE-2019-5689, is in the GeForce Experience downloader. With local access, an attacker could write and run code that transfers and saves malicious files, which could lead to code execution, DoS, or information disclosure.
The third security flaw, CVE-2019-5695, was found in the GeForce Experience local service provider component. An attacker would need local and privileged access to exploit this vulnerability, but with that access they could abuse incorrect loading of Windows system DLLs to cause DoS or data theft.
Six vulnerabilities have been fixed in the Nvidia Windows GPU display driver. The most important of these issues is CVE-2019-5690, a kernel-mode layer handler issue where input size is not validated, resulting in DoS or privilege escalation.
CVE-2019-5691 was found in the same handler, where null pointer errors could be exploited for the same purpose.
Two other bugs in the kernel-mode layer handler, CVE-2019-5692 and CVE-2019-5693, have also been fixed. The first relates to untrusted input being used when calculating or using an array index, leading to privilege escalation or denial of service. The second relates to how the program accesses or uses pointers and, if exploited, could lead to a denial of service.
The display driver also contained CVE-2019-5694 and CVE-2019-5695, DoS or incorrect DLL loading issues that could be exploited for information disclosure.
Nvidia also fixed three vulnerabilities in Virtual GPU Manager. CVE-2019-5696 is a security flaw that can lead to out-of-range access on a guest VM, while CVE-2019-5697 involves access to memory not owned by a guest, causing DoS or information disclosure.
The last bug, CVE-2019-5698, is in the vGPU plugin and is related to incorrect validation of input index values. If exploited, this security flaw can also lead to denial of service.
All versions of Nvidia GeForce Experience on Windows prior to 3.20.1 are affected. Nvidia Quadro, NVS R440 versions, Tesla R440 and R418 and Quadro 390 prior to 441.12, R430 and R418