CVE-2019-5670

7.8HIGH

Key Information:

Vendor: Nvidia
Status: Nvidia Gpu Graphics Driver
Vendor: CVE Published:; 27 February 2019

Summary

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape in which the software uses a sequential operation to read from or write to a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer which may lead to denial of service, escalation of privileges, code execution or information disclosure.

Affected Version(s)

NVIDIA GPU Graphics Driver All

References

https://nvidia.custhelp.com/app/answers/detail/a_id/4772

x_refsource_CONFIRM

http://support.lenovo.com/us/en/solutions/LEN-26250

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 27, 2019
Vulnerability Reserved
Jan 7, 2019