Multiple vulnerabilities in NVIDIA Windows GPU Display Driver



Published: 2018-03-28
Risk Low
Patch available YES
Number of vulnerabilities 7
CVE-ID CVE-2018-6247
CVE-2018-6253
CVE-2018-6252
CVE-2018-6251
CVE-2018-6250
CVE-2018-6248
CVE-2018-6249
CWE-ID CWE-476
CWE-835
CWE-284
CWE-787
CWE-805
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe
NVIDIA Windows GPU Display Driver
Client/Desktop applications / Virtualization software

Vendor nVidia

Security Bulletin

This security bulletin contains information about 7 vulnerabilities.

1) NULL pointer dereference

EUVDB-ID: #VU11792

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-6247

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape due to NULL pointer dereference. A local attacker can gain root privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

NVIDIA Windows GPU Display Driver: All versions


CPE2.3 External links

http://nvidia.custhelp.com/app/answers/detail/a_id/4649

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

2) Infinite loop

EUVDB-ID: #VU11793

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-6253

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists in the DirectX and OpenGL Usermode drivers due to infinite loop. A local attacker can submit a specially crafted pixel shader and cause the service to crash.

Mitigation

Install update from vendor's website.

Vulnerable software versions

NVIDIA Windows GPU Display Driver: All versions


CPE2.3 External links

http://nvidia.custhelp.com/app/answers/detail/a_id/4649

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

3) Improper access control

EUVDB-ID: #VU11794

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-6252

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists in the kernel mode layer handler for DxgkDdiEscape due to an access to restricted functionality that is unnecessary for production usage. A local attacker can cause the service to crash.

Mitigation

Install update from vendor's website.

Vulnerable software versions

NVIDIA Windows GPU Display Driver: All versions


CPE2.3 External links

http://nvidia.custhelp.com/app/answers/detail/a_id/4649

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

4) Out-of-bounds write

EUVDB-ID: #VU11795

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-6251

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local attacker to cause DoS condition or execute arbitrary code on the target system.

The weakness exists in the DirectX 10 Usermode driver due to writing to unallocated memory. A local attacker can submit a specially crafted pixel shader, cause the service to crash or execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Install update from vendor's website.

Vulnerable software versions

NVIDIA Windows GPU Display Driver: All versions


CPE2.3 External links

http://nvidia.custhelp.com/app/answers/detail/a_id/4649

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

5) NULL pointer dereference

EUVDB-ID: #VU11796

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-6250

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape due to NULL pointer dereference. A local attacker can gain root privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

NVIDIA Windows GPU Display Driver: All versions


CPE2.3 External links

http://nvidia.custhelp.com/app/answers/detail/a_id/4649

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

6) Buffer access with incorrect length value

EUVDB-ID: #VU11797

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-6248

CWE-ID: CWE-805 - Buffer Access with Incorrect Length Value

Exploit availability: No

Description

The vulnerability allows a local attacker to cause DoS condition or gain elevated privileges on the target system.

The weakness exists in the kernel mode layer handler for DxgkDdiEscape due to buffer access with incorrect length value. A local attacker can cause the service to crash or gain root privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

NVIDIA Windows GPU Display Driver: All versions


CPE2.3 External links

http://nvidia.custhelp.com/app/answers/detail/a_id/4649

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

7) NULL pointer dereference

EUVDB-ID: #VU11798

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-6249

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local attacker to cause DoS condition or gain elevated privileges on the target system.

The weakness exists in kernel mode layer handler due to NULL pointer dereference. A local attacker can cause the service to crash or gain root privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

NVIDIA Windows GPU Display Driver: All versions


CPE2.3 External links

http://nvidia.custhelp.com/app/answers/detail/a_id/4649

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###