Vulnerability Spotlight: NVIDIA driver memory corruption vulnerabilities discovered

Tuesday, December 6, 2022 11:12

Piotr Bania of Cisco Talos discovered these vulnerabilities.

Cisco Talos recently discovered two memory corruption vulnerabilities in shader functionality of an NVIDIA driver.

NVIDIA Graphics drivers are software for NVIDIA Graphics GPU installed on the PC. They are used to communicate between the operating system and the GPU device. This software is required in most cases for the hardware device to function properly.

Two exploitable memory corruption vulnerabilities exist in the NVIDIA graphics driver: TALOS-2022-1603 (CVE-2022-34671) and TALOS-2022-1604 (CVE-2022-34671). An attacker can use arbitrary code execution to trigger these vulnerabilities. These vulnerabilities could also potentially be triggered from guest machines running virtualization environments (ie. VMware, qemu, VirtualBox, etc.) in order to perform guest-to-host escape.

Cisco Talos worked with NVIDIA to ensure that these issues were resolved and an update is available for affected customers, all in adherence to Cisco’s vulnerability disclosure policy.

Users are encouraged to update this affected product as soon as possible: NVIDIA D3D10 Driver, Version 516.94 , 31.0.15.1694. Talos tested and confirmed this version of the NVIDIA could be exploited by these vulnerabilities.

The following Snort rules will detect exploitation attempts against these vulnerabilities: 60606-60607 and 60611-60612. Additional rules may be released in the future and current rules are subject to change, pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.