• Competitor rules

    Please remember that any mention of competitors, hinting at competitors or offering to provide details of competitors will result in an account suspension. The full rules can be found under the 'Terms and Rules' link in the bottom right corner of your screen. Just don't mention competitors in any way, shape or form and you'll be OK.

Gamer Alert: Serious Nvidia Flaw Plagues Graphics Driver

Status
Not open for further replies.

EastCoastHandle

EastCoastHandle

EastCoastHandle

Soldato
Joined
8 Jun 2018
Posts
2,827
Several flaws found in Nvidia’s graphics drivers could enable denial of service, code execution and other malicious attack
...
The most severe flaw exists in the control panel component of the graphics driver, which is a utility program helping users monitor and adjust the settings of their graphics adapter. According to Nvidia in its security advisory, published Friday, an attacker with local system access can corrupt a system file in the control panel, which would lead to DoS or escalation of privileges.

Another vulnerability, this one medium-severity, exists in the control panel of the graphics driver (CV-2020-5958). An attacker with local system access could exploit this flaw by planting a malicious dynamic link library (DLL) file in the control panel, which may lead to code execution, DoS or information disclosure.
...
Nvidia also disclosed several vulnerabilities in the Virtual GPU (vGPU) Manager, its tool that enables multiple virtual machines to have simultaneous, direct access to a single physical GPU, while also using Nvidia graphics drivers deployed on non-virtualized operating systems.

The most severe of these flaws exists in the vGPU plugin, “in which an input index value is incorrectly validated, which may lead to denial of service,” according to Nvidia. The vulnerability (CVE‑2020‑5959) is 7.8 out of 10.0 on the CVSS scale, making it high-severity.

...

It’s only the latest Nvidia security patch impacting its gaming-enthusiast customer base....
Click to expand...
https://threatpost.com/gamer-alert-serious-nvidia-flaw-plagues-graphics-driver/153380/

According to the article in order to patch these vulnerabilities you have to install driver Geforce 442.50 or better (I assume).
For those that believe that a earlier version of the drivers works best for their system use at your own discretion.
 
Last edited:
If someone has unauthorised local access to your machine, you have a lot more to worry about than a vulnerability in your graphics drivers.
 
Could be a problem in server/business environments where an account might have limited privileges but yeah for the average desktop user someone has already got in the front door if they can exploit these.
 
EastCoastHandle said:



Nvidia has been patching their drivers for quite sometime now. I have to wonder what more they will find by spring or summer 2020?
This reminds me of Intel's security patching.
Click to expand...

Aw, bless. You are trying so hard to make this a 'thing'.

Would you prefer them not to patch them :confused:
 
Last edited:
I wonder how long it is before we still see another thread finding fault with AMD drivers.

I really don't find these type of threads very helpful where things are blown out of all proportion.
 
These days every thing on your computer should be treated as having the potential to run malicious code or open to abuse.

Everything needs to be kept up to date.

That goes for BIOS, GPU drivers, OS, applications you name it. It is all just lines of code.
 
Status
Not open for further replies.
Back
Top Bottom