NVIDIA has just updated its Linux/Windows drivers. The reason: there were twelve serious vulnerabilities in older versions of the NVIDIA kernel-mode drivers.
I came across this information on Twitter recently. The guys from Sophos are pointing out this security issue.
— Sophos IT-Sicherheit (@sophos_info) June 26, 2020
The blog post here, dated June 25, 2020, provides further information. There are serious vulnerabilities in older kernel drivers for Linux and Windows.
NVIDIA has fixed 12 different CVE-tagged vulnerabilities with an updated driver, consecutively numbered from CVE-2020-5962 to CVE-2020-5973. However, the vendor has not yet released details of the vulnerabilities.
As far as the people at Sophos know, none of the bugs can be remotely triggered, so the vulnerabilities that have been closed are not RCE vulnerabilities. However, as is very common with kernel security flaws, they could allow attackers to carry out so-called information disclosure attacks or privilege escalation attacks.
Because the kernel contains information about the entire system, including details such as which processes are allowed to access which locations, the ability to tinker around in the kernel is usually a privilege reserved for top-level system administrators.
Kernel bugs that allow normal users to look into the protected memory areas of the kernel are therefore dangerous, as they can often be exploited by criminals to grant themselves permanent administrator privileges without knowing administrator passwords.
Further details can be found in the Sophos blog linked above. The colleagues at Bleeping Computer have published more details about these vulnerabilities and the patches in this article.