Headline
Vulnerability Spotlight: Multiple memory corruption vulnerabilities in NVIDIA GPU driver
Piotr Bania of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered four vulnerabilities in the NVIDIA D3D10 driver for graphics cards that could allow an attacker to corrupt memory and write arbitrary memory on the card. NVIDIA graphics…
[[ This is only the beginning! Please visit the blog for the complete entry ]]
Piotr Bania of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.
Cisco Talos recently discovered four vulnerabilities in the NVIDIA D3D10 driver for graphics cards that could allow an attacker to corrupt memory and write arbitrary memory on the card.
NVIDIA graphics drivers are software for NVIDIA Graphics GPU cards that are installed on PCs. The D3D10 driver communicates between the operating system and the GPU. It’s required in most cases for the PC to function properly.
An attacker could exploit these vulnerabilities by sending the target a specially crafted executable or shader file.
These issues could also allow an adversary to perform a guest-to-host escape if they target a guest machine running virtualization environments. We specifically tested these issues with a HYPER-V guest using the RemoteFX feature, leading to the execution of vulnerable code on the HYPER-V host.
For more information on these issues, check out their advisories linked below:
- TALOS-2021-1435 (CVE-2022-28181)
- TALOS-2021-1436 (CVE-2022-28182)
- TALOS-2021-1437 (CVE-2022-28182)
- TALOS-2021-1438 (CVE-2022-28182)
Cisco Talos worked with NVIDIA to ensure that these issues are resolved and an update is available for affected customers, all in adherence to Cisco’s vulnerability disclosure policy.
Users are encouraged to update these affected products as soon as possible: NVIDIA D3D10 driver 496.76, version 30.0.14.9676. Talos tested and confirmed this driver could be exploited by these vulnerabilities.
The following SNORTⓇ rules will detect exploitation attempts against this vulnerability: 58880 - 58883, 58885, 58886, 58910 and 58911. Additional rules may be released in the future and current rules are subject to change, pending additional vulnerability information. For the most current rule information, please refer to your Cisco Secure Firewall Management Center or Snort.org.
Related news
Gentoo Linux Security Advisory 202310-2 - Multiple vulnerabilities have been discovered in NVIDIA Drivers, the worst of which could result in root privilege escalation. Versions greater than or equal to 470.182.03 are affected.
NVIDIA recently released patches to address multiple flaws in Windows. Four of them were rated high in severity. The post Update now! Nvidia released fixes for 10 flaws in Windows GPU drivers appeared first on Malwarebytes Labs.