SB2018040510 - Amazon Linux AMI update for nvidia
Published: April 5, 2018
Security Bulletin ID
SB2018040510
Severity
Low
Patch available
YES
Number of vulnerabilities
7
Exploitation vector
Local access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 7 secuirty vulnerabilities.
1) NULL pointer dereference (CVE-ID: CVE-2018-6247)
The vulnerability allows a local attacker to gain elevated privileges on the target system.The weakness exists in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape due to NULL pointer dereference. A local attacker can gain root privileges.
2) Infinite loop (CVE-ID: CVE-2018-6253)
The vulnerability allows a local attacker to cause DoS condition on the target system.The weakness exists in the DirectX and OpenGL Usermode drivers due to infinite loop. A local attacker can submit a specially crafted pixel shader and cause the service to crash.
3) Improper access control (CVE-ID: CVE-2018-6252)
The vulnerability allows a local attacker to cause DoS condition on the target system.The weakness exists in the kernel mode layer handler for DxgkDdiEscape due to an access to restricted functionality that is unnecessary for production usage. A local attacker can cause the service to crash.
4) Out-of-bounds write (CVE-ID: CVE-2018-6251)
The vulnerability allows a local attacker to cause DoS condition or execute arbitrary code on the target system.The weakness exists in the DirectX 10 Usermode driver due to writing to unallocated memory. A local attacker can submit a specially crafted pixel shader, cause the service to crash or execute arbitrary code.
Successful exploitation of the vulnerability may result in system compromise.
5) NULL pointer dereference (CVE-ID: CVE-2018-6250)
The vulnerability allows a local attacker to gain elevated privileges on the target system.The weakness exists in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape due to NULL pointer dereference. A local attacker can gain root privileges.
6) Buffer access with incorrect length value (CVE-ID: CVE-2018-6248)
The vulnerability allows a local attacker to cause DoS condition or gain elevated privileges on the target system.The weakness exists in the kernel mode layer handler for DxgkDdiEscape due to buffer access with incorrect length value. A local attacker can cause the service to crash or gain root privileges.
7) NULL pointer dereference (CVE-ID: CVE-2018-6249)
The vulnerability allows a local attacker to cause DoS condition or gain elevated privileges on the target system.The weakness exists in kernel mode layer handler due to NULL pointer dereference. A local attacker can cause the service to crash or gain root privileges.
Remediation
Install update from vendor's website.