NVIDIA, which makes graphics processing units (GPUs) for gaming systems, high-end PCs and handheld devices, has issued fixes for several high-severity vulnerabilities in its graphics drivers for Windows and Linux that in some cases could lead to code execution.
The graphics driver (also known as the NVIDIA GPU Display Driver) is the software component that allows the device’s operating system and applications to use its graphics hardware, which is optimized for enthusiast gamers. NVIDIA’s graphics driver has previously been found to contain serious flaws, including ones disclosed in May that could allow attackers to execute arbitrary code and, in some cases, perform guest-to-host escapes on systems running virtual machines.
“This update addresses issues that may lead to denial of service, information disclosure, escalation of privileges, code execution, or data tampering,” said NVIDIA in its Tuesday security release.
NVIDIA’s release includes three flaws that exist in the kernel mode layer (nvlddmkm.sys) of the graphics driver for Windows. One of these (CVE-2022-31606) is a hole in the kernel mode layer handler for the DxgkDdiEscape interface. The interface fails to properly validate data, potentially allowing an attacker “with basic user capabilities” to trigger an out-of-bounds access in kernel mode. This in turn could lead to denial-of-service attacks, information disclosure, privilege escalation or data tampering, said NVIDIA.
Two other high-severity flaws (CVE-2022-31617 and CVE-2022-31610) allow a local user with basic capabilities to “cause an out-of-bounds read, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.” These vulnerabilities are addressed in updates for impacted R515, R510, R470 and R450 Windows driver branch versions.
The security update also includes two flaws stemming from the graphics driver for Linux. One flaw (CVE-2022-31607) in the kernel mode layer (nvidia.ko) stems from improper input validation. This could enable a local attacker to launch an array of attacks, including denial of service, privilege escalation, data tampering and “limited information disclosure.” Another vulnerability (CVE-2022-31608) exists in an optional D-Bus configuration file. Here, “a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering,” according to NVIDIA. The updates for impacted versions of Linux driver branches R515, R510, R470, R450 and R390 address these flaws.
NVIDIA also released updates for several flaws in its vGPU software, including an error in the vGPU plugin that allows a guest VM to allocate resources that the guest is typically not authorized to allocate. According to NVIDIA, exploitation of this flaw could lead to loss of data integrity and confidentiality, denial of service or information disclosure.