NVIDIA Fixes Ten Vulnerabilities in Windows GPU Display Drivers

NVIDIA has released a security update for a wide range of graphics card models, addressing four high-severity and six medium-severity vulnerabilities in its GPU drivers.

The security update fixes vulnerabilities that can lead to denial of service, information disclosure, elevation of privileges, code execution, etc.

The updates have been made available for Tesla, RTX/Quadro, NVS, Studio, and GeForce software products, covering driver branches R450, R470, and R510.

Figure: CVEs fixed for each driver branch (NVIDIA)

Interestingly, apart from the current and recent product lines that are actively supported, NVIDIA’s latest release also covers GTX 600 and GTX 700 Kepler-series cards, whose support ended in October 2021.

The GPU maker previously promised to continue providing critical security updates for these products until September 2024, and this driver update honors that promise.

The four high-severity flaws fixed this month are:

  • CVE-2022-28181 (CVSS v3 score: 8.5) – Out-of-bounds write in the kernel mode layer caused by a specially crafted shader sent over the network, potentially leading to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
  • CVE-2022-28182 (CVSS v3 score: 8.5) – Flaw in DirectX11 user mode driver allowing an unauthorized attacker to send a specially crafted shader over the network and cause denial of service, escalation of privileges, information disclosure, and data tampering.
  • CVE-2022-28183 (CVSS v3 score: 7.7) – Vulnerability in the kernel mode layer, where an unprivileged regular user can cause an out-of-bounds read, which may lead to denial of service and information disclosure.
  • CVE-2022-28184 (CVSS v3 score: 7.1) – Vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a regular unprivileged user can access administrator-privileged registers, which may lead to denial of service, information disclosure, and data tampering.

These vulnerabilities require low privileges and no user interaction, so they could be incorporated into malware, allowing attackers to execute commands with higher privileges.

The first two are exploitable over the network, while the other two require local access, which could still be useful to malware that has infected a system with low privileges.

Cisco Talos, which discovered CVE-2022-28181 and CVE-2022-28182, has also published a post today detailing how they triggered the memory corruption flaws by supplying a malformed compute shader.

Because a malicious shader can be delivered in the browser via WebAssembly and WebGL, Talos warns that threat actors may be able to trigger this remotely.

“A specially-crafted executable/shader file can lead to memory corruption. This vulnerability potentially could be triggered from guest machines running virtualization environments (i.e. VMware, qemu, VirtualBox etc.) in order to perform guest-to-host escape. Theoretically this vulnerability could be also triggered from web browser using webGL and webassembly,” explains Talos regarding CVE-2022-28181.

For more details on all of the fixes and every software and hardware product covered this month, check out NVIDIA’s security bulletin.

All users are advised to apply the released security updates as soon as possible. Users can download the latest driver for their GPU model from NVIDIA’s download central section, where they can select the specific product and OS they are using.

The updates can also be applied through NVIDIA’s GeForce Experience suite. 

However, if you don’t specifically need the software to save gaming profiles or use its streaming features, we recommend against using it, as it introduces unnecessary security risks and resource usage.
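For administrators who need to confirm which Windows hosts still run an unpatched driver, the following added example (not from NVIDIA or the original article) inventories NVIDIA adapters and compares each driver against a per-branch fixed version. The function names, the major-number ranges and the fixed versions in `$Branches` are placeholders assumed for illustration; take the real values from NVIDIA's security bulletin.

```powershell
# Added example: flag NVIDIA display drivers older than the fixed release.
# PLACEHOLDER table: the major-number ranges and Fixed versions below are
# constructed, not NVIDIA's real values. Fill them in from the bulletin.
$Branches = @(
    @{ Branch = 'R450'; MajorFrom = 450; MajorTo = 459; Fixed = [version]'999.99' }
    @{ Branch = 'R470'; MajorFrom = 470; MajorTo = 479; Fixed = [version]'999.99' }
    @{ Branch = 'R510'; MajorFrom = 510; MajorTo = 519; Fixed = [version]'999.99' }
)

function Convert-ToNvidiaVersion {
    param([Parameter(Mandatory)][string]$WindowsDriverVersion)
    # Windows reports a version such as 30.0.15.1215. NVIDIA's release number
    # is the last five digits with a dot after the third one: 512.15.
    $digits = $WindowsDriverVersion -replace '\D', ''
    if ($digits.Length -lt 5) { return $null }
    $tail = $digits.Substring($digits.Length - 5)
    [version]('{0}.{1}' -f $tail.Substring(0, 3), $tail.Substring(3, 2))
}

function Get-DriverStatus {
    param([string]$Name, [string]$WindowsDriverVersion)
    $v = Convert-ToNvidiaVersion $WindowsDriverVersion
    # Find the branch whose major-number range contains this driver.
    $b = $Branches |
        Where-Object { $v -and $v.Major -ge $_.MajorFrom -and $v.Major -le $_.MajorTo } |
        Select-Object -First 1
    $status = if (-not $v) { 'Unparsed' }
        elseif (-not $b) { 'UnknownBranch' }
        elseif ($v -ge $b.Fixed) { 'Patched' }
        else { 'NeedsUpdate' }
    [pscustomobject]@{
        Adapter       = $Name
        NvidiaVersion = $v
        Branch        = $b.Branch
        Status        = $status
    }
}

# Constructed sample input, so the logic can be checked on a host without a GPU.
Get-DriverStatus 'Constructed sample adapter' '30.0.15.1215'

# Live inventory of the local machine.
Get-CimInstance Win32_VideoController |
    Where-Object Name -like '*NVIDIA*' |
    ForEach-Object { Get-DriverStatus $_.Name $_.DriverVersion }
```

Drivers that fall outside every configured range are reported as `UnknownBranch` rather than silently treated as patched, so they can be reviewed by hand.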
