{"id":19113,"date":"2022-05-28T19:00:59","date_gmt":"2022-05-29T03:00:59","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2022\/05\/28\/news-12846\/"},"modified":"2022-05-28T19:00:59","modified_gmt":"2022-05-29T03:00:59","slug":"news-12846","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/05\/28\/news-12846\/","title":{"rendered":"Update now! Nvidia released fixes for 10 flaws in Windows GPU drivers"},"content":{"rendered":"<p><strong>Credit to Author: Jovi Umawing| Date: Mon, 23 May 2022 11:15:01 +0000<\/strong><\/p>\n<p>Multiple NVIDIA graphic card models have been found to have flaws in their GPU drivers, with six medium-and four high-severity ratings. <\/p>\n<p>Last Monday, the company released <a href=\"https:\/\/nvidia.custhelp.com\/app\/answers\/detail\/a_id\/5353\" target=\"_blank\" rel=\"noreferrer noopener nofollow\"><u>a software security update for NVIDIA GPU Display Driver<\/u><\/a>\u00a0to address the vulnerabilities. If exploited, they could lead to denial of service, code execution, privilege escalation, and data tampering.<\/p>\n<p>NVIDIA GeForce software, Studio, RTX\/Quadro, NVS, and Tesla running Windows and Linux are all affected by this update, covering driver branches R450, R470, and R510. Here are the lists for <a href=\"https:\/\/www.nvidia.com\/en-us\/drivers\/rtx-enterprise-and-quadro-driver-branch-history\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\"><u>Windows<\/u><\/a>\u00a0and <a href=\"https:\/\/www.nvidia.com\/en-us\/drivers\/unix\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\"><u>Unix\/Linux<\/u><\/a>\u00a0for reference for driver branch histories.<\/p>\n<p>The latest release also covers updates for already unsupported GTX 600 and GTX Kepler-series cards. This is NVIDIA honoring <a href=\"https:\/\/nvidia.custhelp.com\/app\/answers\/detail\/a_id\/5202\" target=\"_blank\" rel=\"noreferrer noopener nofollow\"><u>its promise<\/u><\/a>\u00a0of continuing to provide support for these cards until September 2024\u2014three years after the October 2021 end-of-support date.<\/p>\n<p>Let&#8217;s look at each of the vulnerabilities up-close.<\/p>\n<h2>High-severity NVIDIA vulnerabilities<\/h2>\n<ul>\n<li><strong>CVE-2022-28181.<\/strong> A malformed executable or shader file (a program that runs on the GPU) exploiting the <code><a href=\"https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2021-1435\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">DCL_INDEXABLE<\/a><\/code> functionality could lead to memory corruption, code execution, data tampering, denial of service, privilege escalation, and information disclosure. Virtual machines and (theoretically) web browsers can trigger this vulnerability. This is exploitable over the network.<\/li>\n<li><strong>CVE-2022-28182<\/strong>. A malformed executable or shader file exploiting the <code><a href=\"https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2021-1436\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">DCL_INDEXRANGE<\/a><\/code>, <code><a href=\"https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2021-1438\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">DCL_RESOURCE_STRUCTURED<\/a><\/code>, and <code><a href=\"https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2021-1437\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">DCL_UNORDERED_ACCESS_VIEW_STRUCTURED<\/a><\/code> functionalities could lead to memory corruption, data tampering, denial of service, information disclosure, and privilege escalation. Virtual machines and (theoretically) web browsers can trigger this vulnerability. This is exploitable over the network.<\/li>\n<li><strong>CVE-2022-28183<\/strong>. An unprivileged user could cause an out-of-bounds read (a flaw that allows parts of the memory, which are allocated to more critical functions, to be manipulated), leading to a denial of service and information disclosure. This is exploited with local access.<\/li>\n<li><strong>CVE-2022-28184<\/strong>. An unprivileged user could access registers available only to administrator accounts, leading to data tampering, denial of service, and information disclosure. This is exploited with local access.<\/li>\n<\/ul>\n<h2>Medium-severity NVIDIA vulnerabilities<\/h2>\n<ul>\n<li><strong>CVE-2022-28185<\/strong>. An out-of-bounds write in the <a href=\"https:\/\/en.wikipedia.org\/wiki\/ECC_memory\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">ECC (error correction code) layer<\/a> could lead to data tampering and denial of service.<\/li>\n<li><strong>CVE-2022-28186<\/strong>. A validation flaw in the kernel mode layer (<code>nvlddmkm.sys<\/code>) could lead to data tampering and denial of service.<\/li>\n<li><strong>CVE-2022-28187<\/strong>. A memory management software flaw in the kernel mode layer (<code>nvlddmkm.sys<\/code>) could lead to denial of service.<\/li>\n<li><strong>CVE-2022-28188<\/strong>. A validation flaw in kernel mode layer (<code>nvlddmkm.sys<\/code>) handler for DxgkDdiEscape where input is not correctly validated for being able to process data safely, which could lead to denial of service.<\/li>\n<li><strong>CVE-2022-28189<\/strong>. A NULL pointer dereference in the kernel mode layer (<code>nvlddmkm.sys<\/code>) handler for <code>DxgkDdiEscape<\/code> could lead to a system crash.<\/li>\n<li><strong>CVE-2022-28190<\/strong>. A validation flaw in kernel mode layer (<code>nvlddmkm.sys<\/code>) handler for <code>DxgkDdiEscape<\/code> where improper input validation could lead to denial of service.<\/li>\n<\/ul>\n<h2>Patch as soon as possible<\/h2>\n<p>NVIDIA users are advised to <a href=\"https:\/\/www.nvidia.com\/Download\/index.aspx\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">download and apply<\/a> the patches ASAP. The updates can also be applied via NVIDIA&#8217;s GeForce Experience suite.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/exploits-and-vulnerabilities\/2022\/05\/update-now-nvidia-released-fixes-for-10-flaws-in-windows-gpu-drivers\/\">Update now! Nvidia released fixes for 10 flaws in Windows GPU drivers<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/exploits-and-vulnerabilities\/2022\/05\/update-now-nvidia-released-fixes-for-10-flaws-in-windows-gpu-drivers\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Jovi Umawing| Date: Mon, 23 May 2022 11:15:01 +0000<\/strong><\/p>\n<p>NVIDIA recently released patches to address multiple flaws in Windows. Four of them were rated high in severity.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/exploits-and-vulnerabilities\/2022\/05\/update-now-nvidia-released-fixes-for-10-flaws-in-windows-gpu-drivers\/\">Update now! Nvidia released fixes for 10 flaws in Windows GPU drivers<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[26239,26240,26241,26242,26243,26244,26245,26246,26247,26248,22783,26249,10496,25217,25581,10525],"class_list":["post-19113","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-cve-2022-28181","tag-cve-2022-28182","tag-cve-2022-28183","tag-cve-2022-28184","tag-cve-2022-28185","tag-cve-2022-28186","tag-cve-2022-28187","tag-cve-2022-28188","tag-cve-2022-28189","tag-cve-2022-28190","tag-exploits-and-vulnerabilities","tag-kernel-mode-layer","tag-linux","tag-nvidia","tag-out-of-bounds","tag-windows"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19113","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=19113"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19113\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=19113"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=19113"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=19113"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}