Security Experts:

NVIDIA Patches Several Flaws in GPU Display Drivers

NVIDIA has started releasing patches for several denial-of-service (DoS) and privilege escalation vulnerabilities affecting its GeForce, NVS, Quadro and Tesla graphics card drivers.

A security advisory published by the company on Thursday reveals the existence of four high severity flaws in the kernel mode layer handler (nvlddmkm.sys) for the DxgkDdiEscape function.

This interface was analyzed earlier this year by Google Project Zero researchers as part of their attempts to attack the NVIDIA kernel mode drivers on Windows. The experts, who found a total of 16 security holes, described DxgkDdiEscape as a “well known entry point for potential vulnerabilities.”NVIDIA patches vulnerabilities in GPU display drivers

The vulnerabilities disclosed on Thursday by NVIDIA exist because a value passed from a user to the driver is not validated properly. A local attacker can exploit this weakness to cause a DoS condition or to escalate privileges.

The other four flaws, classified as medium severity, are related to improper access controls, incorrect initialization of internal objects, and unvalidated user input. They can be exploited by a local attacker to cause a DoS condition.

All of the vulnerabilities affect the Windows drivers, but some also impact Linux, FreeBSD and Solaris. The flaws have been addressed in the Windows drivers for GeForce, NVS and Quadro with the release of version 385.69. An update for Tesla is expected to become available next week. For Linux, FreeBSD and Solaris, versions 384.90 and 375.88 patch the vulnerabilities.

Nine DoS and privilege escalation flaws were patched by NVIDIA in its GPU display drivers in late July. A majority of those security holes were classified as high severity.

Lenovo also published an advisory this week to alert its customers about the NVIDIA display driver vulnerabilities patched in July.

Related: Researcher Unwraps Dangerous NVIDIA Driver Exploit on Christmas Day

Related: NVIDIA Releases Fix For Dangerous Display Driver Exploit

Related: Following Developer Site Hack, NVIDIA Shuts Down Online Store

view counter
Eduard Kovacs is an international correspondent for SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.