NVIDIA Windows GPU Display Driver Vulnerability in 3D Vision Component
CVE-2019-5665

7.8HIGH

Key Information:

Vendor: Nvidia
Status: Nvidia Gpu Graphics Driver
Vendor: CVE Published:; 27 February 2019

Summary

The NVIDIA Windows GPU Display Driver has a vulnerability in its 3D vision component. When the stereo service software opens a file, it fails to properly validate hard links, which could allow an attacker to execute arbitrary code, cause a denial of service, or escalate privileges. Proper validation measures are essential to mitigate these risks.

Affected Version(s)

NVIDIA GPU Graphics Driver All

References

https://nvidia.custhelp.com/app/answers/detail/a_id/4772

x_refsource_CONFIRM

http://support.lenovo.com/us/en/solutions/LEN-26250

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 27, 2019
Vulnerability Reserved
Jan 7, 2019