Forgot password
Enter the email address you used when you joined and we'll send you instructions to reset your password.
If you used Apple or Google to create your account, this process will create a password for your existing account.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Reset password instructions sent. If you have an account with us, you will receive an email within a few minutes.
Something went wrong. Try again or contact support if the problem persists.
Nvidia Header
Category:
News

Nvidia notes security flaw in GeForce drivers, suggests update to drivers

GeForce power!
Image of PCInvasion Staff
PCInvasion Staff
|

Published: Aug 5, 2019 07:25 pm

This article is over 5 years old and may contain outdated information

This past Friday, Nvidia noted that it had recently discovered several security flaws within its display drivers that needed updating. In a bulletin on its website, the company notes five different issues impacting Windows users running GeForce, Quadro, NVS, or Tesla editions of its cards. The various vulnerabilities could allow attacks to execute foreign code or instigate a denial-of-service attack on your computer.

Recommended Videos

Not wanting users to lose important data, Nvidia has stressed that everyone update to version 431.60 of its GeForce software (the other cards have their own specific versions). This update was released on July 23, so most of you may already have it installed. If not, it’s as easy as launching the “GeForce Experience” or navigating to Nvidia’s website to grab the update for your card.

The specific exploits are listed below.

  • CVE‑2019‑5683: “NVIDIA Windows GPU Display Driver contains a vulnerability in the user mode video driver trace logger component. When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead to code execution, denial of service, or escalation of privileges.”
  • CVE‑2019‑5684: “NVIDIA Windows GPU Display Driver contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access of an input texture array, which may lead to denial of service or code execution.”
  • CVE‑2019‑5685: “NVIDIA Windows GPU Display Driver contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access to a shader local temporary array, which may lead to denial of service or code execution.”
  • CVE‑2019‑5686: “NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software uses an API function or data structure in a way that relies on properties that are not always guaranteed to be valid, which may lead to denial of service.”
  • CVE‑2019‑5687: “NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which an incorrect use of default permissions for an object exposes it to an unintended actor, which may lead to information disclosure or denial of service.”

Have you been affected by this at all? Let us know, and make sure to update your Nvidia drivers!

Post Tag:
News
Nvidia drivers
security
PC Invasion is supported by our audience. When you purchase through links on our site, we may earn a small affiliate commission. Learn more about our Affiliate Policy
related content
Author
Image of PCInvasion Staff
PCInvasion Staff