CVE-2022-31613 An NVIDIA GPU Display Driver vulnerability in the kernel mode layer may lead to a kernel panic.

CVE-2022-31613 An NVIDIA GPU Display Driver vulnerability in the kernel mode layer may lead to a kernel panic.

This issue is rated as critical due to the possibility of remote code execution and/or information disclosure. NVIDIA has released a driver update to address this issue. End users are advised to update their installations as soon as possible.

CVE-2018-3628 : A null-pointer dereference was discovered in the kernel mode layer (nvldumd32.dll) of the NVIDIA driver. A local attacker can exploit this issue to cause a system crash.

CVE-2018-3629 : A race condition was discovered in the kernel mode layer (nvldumd32.dll) of the NVIDIA driver. A local attacker can exploit this issue to cause a system crash.

CVE-2018-3630 : A race condition was discovered in the kernel mode layer (nvldumd32.dll) of the NVIDIA driver. A local attacker can exploit this issue to cause a system crash.

CVE-2018-3631 : A race condition was discovered in the kernel mode layer (nvldumd32.dll) of the NVIDIA driver. A local attacker can exploit this issue to cause a system crash.

CVE-2018-3632 : A race condition was discovered in the kernel mode layer (nvldumd32.dll) of the NVIDIA driver. A local attacker can exploit this issue to cause a system crash.

CVE-2018-3633 : A race condition was discovered in the kernel mode layer (nvldum

NVIDIA GPU Product Affected

NVIDIA GPU Device Management and Configuration Library (nvdmc)

NVIDIA GPU Device Management and Configuration Library (nvdmc) is a library that exposes the functionality of the NVIDIA Windows driver for use by third party applications. This library was introduced in NVIDIA Forceware 375.10 (July 10, 2018).

A vulnerability has been identified affecting nvdmc, which may allow a local attacker to disable the security protection on an affected system. The vulnerability could be exploited remotely without authentication by sending specially crafted messages to the target system's TCP port 7777, causing the target system to reboot.

This issue is rated as critical due to the possibility of remote code execution and/or information disclosure. NVIDIA has released a driver update to address this issue. End users are advised to update their installations as soon as possible.

NVIDIA GPU Device Firmware Updates

NVIDIA is aware of vulnerabilities which could potentially allow a malicious attacker with physical access to an NVIDIA GPU device and access to the system BIOS to gain root privileges, resulting in a denial-of-service condition.

Vulnerability #1 : NVIDIA GK104/GK106/GK208/GK210/GF100/GF110/GF114/GF117 Graphics Driver x86xx Driver Stack Buffer Overflow Vulnerability (CVE-2018-3634)

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe