{"id":224684,"date":"2019-11-08T07:48:12","date_gmt":"2019-11-08T06:48:12","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=224684"},"modified":"2023-04-13T11:32:28","modified_gmt":"2023-04-13T09:32:28","slug":"nvidia-schwachstellen-in-geforce-experience-gpu-treiber","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2019\/11\/08\/nvidia-schwachstellen-in-geforce-experience-gpu-treiber\/","title":{"rendered":"Nvidia: Schwachstellen in GeForce Experience- & GPU-Treiber"},"content":{"rendered":"

[English<\/a>]Im Nvidia GeForce Experience- und im GPU-Treiber gibt es gleich mehrere gravierende Schwachstellen, die lokalen Angreifern eine Privilegien-Erh\u00f6hung erm\u00f6glicht. Nvidia hat ein Treiberupdate bereitgestellt.<\/p>\n

<\/p>\n

Sicherheitswarnungen zum 7. November 2019<\/h2>\n

\"\"In zwei Sicherheitswarnungen zum GeForce Experience-Treiber<\/a> und zum GPU-Treiber<\/a> warnt der Hersteller vor einer Reihe von Schwachstellen. Dieser erm\u00f6glichen lokal eine Erh\u00f6hung der Privilegien, ein Remote-Angriff ist aber nicht m\u00f6glich. <\/p>\n

GeForce Experience-Treiber-Schwachstellen<\/h2>\n

Nachfolgend findet sich die Beschreibung der Schwachstellen zum GeForce Experience-Treiber: <\/p>\n\n\n\n\n\n\n
Description<\/b><\/td>\nBase Score<\/b><\/td>\n<\/tr>\n
CVE\u20112019\u20115701<\/td>\nNVIDIA GeForce Experience contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service, information disclosure or escalation of privileges through code execution. AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A<\/a><\/td>\n7.8<\/td>\n<\/tr>\n
CVE\u20112019\u20115689<\/td>\nNVIDIA GeForce Experience contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files to be downloaded and saved.This behavior may lead to code execution, denial of service, or information disclosure. AV:L\/AC:H\/PR:L\/UI:R\/S:U\/C:H\/I:H\/A:H<\/a><\/td>\n6.7<\/td>\n<\/tr>\n
CVE\u20112019\u20115695<\/td>\nNVIDIA GeForce Experience contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. AV:L\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:H<\/a><\/td>\n6.5<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Betroffen sind alle GeForce Experience-Treiberpakete f\u00fcr Windows vor der Version
3.20.1. Das Update auf die Version 3.20.1 beseitigt diese Schwachstellen. <\/p>\n

Geforce Experience Treiber-Update<\/a> mit Change-log <\/p>\n

NVIDIA GPU Display-Treiber-Schwachstellen<\/h2>\n<\/p>\n

Nachfolgend findet sich die Beschreibung der Schwachstellen zum NVIDIA GPU Display-Treiber: <\/p>\n\n\n\n\n\n\n\n\n\n\n\n\n
CVE<\/b><\/td>\nDescription<\/b><\/td>\nBase Score<\/b><\/td>\n<\/tr>\n
CVE\u20112019\u20115690<\/td>\nNVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys<\/kbd>) handler for DxgkDdiEscape<\/kbd> in which the size of an input buffer is not validated, which may lead to denial of service or escalation of privileges.
AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H<\/a><\/td>\n		7.8<\/td>\n<\/tr>\n
CVE\u20112019\u20115691<\/td>\nNVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys<\/kbd>) handler for DxgkDdiEscape<\/kbd> in which a NULL pointer is dereferenced, which may lead to denial of service or escalation of privileges. AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H<\/a><\/td>\n7.8<\/td>\n<\/tr>\n
CVE\u20112019\u20115692<\/td>\nNVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys<\/kbd>) handler for DxgkDdiEscape<\/kbd> in which the product uses untrusted input when calculating or using an array index, which may lead to escalation of privileges or denial of service.  AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:H\/A:H<\/a><\/td>\n7.1<\/td>\n<\/tr>\n
CVE\u20112019\u20115693<\/td>\nNVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys<\/kbd>) in which the program accesses or uses a pointer that has not been initialized, which may lead to denial of service. AV:L\/AC:L\/PR:L\/UI:N\/S:C\/C:N\/I:N\/A:H<\/a><\/td>\n6.5<\/td>\n<\/tr>\n
CVE\u20112019\u20115694<\/td>\nNVIDIA Windows GPU Display Driver contains a vulnerability in NVIDIA Control Panel<\/b> in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. The attacker requires local system access. AV:L\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:H<\/a><\/td>\n6.5<\/td>\n<\/tr>\n
CVE\u20112019\u20115695<\/td>\nNVIDIA Windows GPU Display Driver contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. AV:L\/AC:L\/PR:H\/UI:R\/S:U\/C:H\/I:H\/A:H<\/a><\/td>\n6.5<\/td>\n<\/tr>\n
CVE\u20112019\u20115696<\/td>\nNVIDIA Virtual GPU Manager contains a vulnerability in which the provision of an incorrectly sized buffer by a guest VM leads to GPU out-of-bound access, which may lead to a denial of service.
AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:H<\/a><\/td>\n		5.5<\/td>\n<\/tr>\n
CVE\u20112019\u20115697<\/td>\nNVIDIA Virtual GPU Manager contains a vulnerability in which it may grant a guest access to memory that it does not own, which may lead to information disclosure or denial of service.
AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L<\/a><\/td>\n		5.3<\/td>\n<\/tr>\n
CVE\u20112019\u20115698<\/td>\nNVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input index value is incorrectly validated, which may lead to denial of service. AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:N\/I:L\/A:H<\/a><\/td>\n5.1<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Betroffen sind alle NVIDIA GPU Display-Treiberpakete f\u00fcr Windows aus der nachfolgenden Tabelle.<\/p>\n\n\n\n\n\n\n\n\n\n\n\n
CVEs Addressed<\/b><\/th>\nSoftware Product<\/b><\/th>\nOperating System<\/b><\/th>\nAffected Versions<\/b><\/th>\nUpdated Versions<\/b><\/th>\n<\/tr>\n<\/thead>\n
CVE\u20112019\u20115690
CVE\u20112019\u20115691
CVE\u20112019\u20115692
CVE\u20112019\u20115693
CVE\u20112019\u20115695<\/td>\n		GeForce<\/td>\nWindows<\/td>\nAll R440 versions prior to 441.12<\/td>\n441.12<\/td>\n<\/tr>\n
Quadro, NVS<\/td>\nWindows<\/td>\nAll R440 versions prior to 441.12<\/td>\n441.12<\/td>\n<\/tr>\n
All R430 versions<\/td>\nAvailable the week of November 18, 2019<\/td>\n<\/tr>\n
All R418 versions<\/td>\nAvailable the week of November 18, 2019<\/td>\n<\/tr>\n
Tesla<\/td>\nWindows<\/td>\nAll R440 versions<\/td>\nAvailable the week of November 18, 2019<\/td>\n<\/tr>\n
All R418 versions<\/td>\nAvailable the week of November 18, 2019<\/td>\n<\/tr>\n
CVE\u20112019\u20115690
CVE\u20112019\u20115691
CVE\u20112019\u20115692
CVE\u20112019\u20115693
CVE\u20112019\u20115694
CVE\u20112019\u20115695<\/td>\n		Quadro, NVS<\/td>\nWindows<\/td>\nAll R390 versions<\/td>\nAvailable the week of November 18, 2019<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Laut obiger Tabelle stehen noch nicht f\u00fcr alle Produkte Treiberupdates zur Verf\u00fcgung, das Update ist f\u00fcr den 18. November 2019 angek\u00fcndigt. <\/p>\n

NVIDIA Driver Treiber-Update-Seite<\/a><\/p>\n

Die aktualisierten Treiber sollten \u00fcber Auto-Update bereitgestellt werden, k\u00f6nnen aber auch bei Verf\u00fcgbarkeit \u00fcber die Update-Seiten heruntergeladen werden. Einige Einsch\u00e4tzungen zu den Schwachstellen finden sich auch hier<\/a>. (via<\/a>)<\/p>\n","protected":false},"excerpt":{"rendered":"

[English]Im Nvidia GeForce Experience- und im GPU-Treiber gibt es gleich mehrere gravierende Schwachstellen, die lokalen Angreifern eine Privilegien-Erh\u00f6hung erm\u00f6glicht. Nvidia hat ein Treiberupdate bereitgestellt.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[426,7459,301],"tags":[1192,4328,115,4315],"class_list":["post-224684","post","type-post","status-publish","format-standard","hentry","category-sicherheit","category-software","category-windows","tag-nvidia","tag-sicherheit","tag-treiber","tag-update"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/224684","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=224684"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/224684\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=224684"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=224684"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=224684"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}