NVIDIA released a GPU display driver security update to fix five high and medium severity vulnerabilities that could lead to local code execution, escalation of privileges, and denial of service on vulnerable Windows computers.

All the security flaws patched today by NVIDIA require local user access and cannot be exploited remotely, with potential attackers having to rely on user interaction to execute malicious code designed to exploit one of the fixed bugs on machines with unpatched display drivers.

NVIDIA advises users to update their GeForce, Quadro, NVS, and Tesla Windows GPU display drivers by applying the security update available on the NVIDIA Driver Downloads page.

Security issues with high severity ratings

The issues come with CVSS V3 base scores ranging from 5.2 to 8.8, with three of them having received high severity risk assessments from NVIDIA, while two others have been assigned medium risk base scores, all of them impacting Windows machines.

By abusing these GPU display driver vulnerabilities, would-be attackers can escalate their privileges making it possible to gain permissions above the default ones initially granted by the compromised system.

The flaws would also allow them to render vulnerable machines temporarily unusable by triggering a denial of service state or to locally execute malicious code on the compromised Windows systems.

The software security issues fixed by NVIDIA as part of the August 2019 security update are listed below, together with full descriptions and the CVSS V3 base scores assigned by the company to each of them.

CVE Description Base Score CVE‑2019‑5683 NVIDIA Windows GPU Display Driver contains a vulnerability in the user mode video driver trace logger component. When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead to code execution, denial of service, or escalation of privileges. 8.8 CVE‑2019‑5684 NVIDIA Windows GPU Display Driver contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access of an input texture array, which may lead to denial of service or code execution. 7.8 CVE‑2019‑5685 NVIDIA Windows GPU Display Driver contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access to a shader local temporary array, which may lead to denial of service or code execution. 7.8 CVE‑2019‑5686 NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software uses an API function or data structure in a way that relies on properties that are not always guaranteed to be valid, which may lead to denial of service. 5.6 CVE‑2019‑5687 NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which an incorrect use of default permissions for an object exposes it to an unintended actor, which may lead to information disclosure or denial of service. 5.2

According to NVIDIA's security bulletin published today, the "risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. NVIDIA recommends consulting a security or IT professional to evaluate the risk to your specific configuration."

Two of the issues, the ones tracked as CVE-2019-5684 and CVE-2019-5685 which may lead to lead to denial of service or code execution, were reported by Cisco Talos' Piotr Bania.

Today's NVIDIA GPU Display Driver - August 2019 security bulletin also lists the driver versions impacted by the five patched security issues:

Software Product Operating System Affected Versions Updated Version GeForce Windows All R430 versions prior to 431.60 431.60 Quadro, NVS Windows All R430 versions prior to 431.70 431.70 All R418 Versions prior to 426.00 426.00 All R400 versions Available the week of August 19, 2019 All R390 versions prior to 392.56 392.56 Tesla Windows All R418 versions Available the week of August 12, 2019

NVIDIA says that some of the users who will not patch the flaws manually may also receive the Windows driver 431.23, 425.85, or 412.39 versions containing the security updates from their computer hardware vendors.

"The table above may not be a comprehensive list of all affected versions or branch releases and may be updated as more information becomes available," adds NVIDIA.