Nvidia GPU Display Drivers Could Be Exploited To Launch DoS Attack

Nvida GPU Display Drivers
Images: Shutterstock

Nvidia GPU display drivers could be on the radar of hackers. According to the latest news, Nvidia is prompting Geforce graphics card owners running Windows OS, to update their drivers.

The three severe flaws in Nvidia GPUs were discovered by Kushal Arvind Shah from Fortinet’s FortGuard Labs. The vulnerability could allow hackers to steal information, gain administrative access on users PC or worse, launch a DoS (Denial of Service) attack.

Nvidia GPU Display Drivers Need To Be Updated ASAP

If you’re running any latest Nvidia Geforce graphics card, be it on your desktop or laptop, then you need to upgrade it asap.

The Nvidia GPR Display driver has a vulnerability termed CVE-2019-5675 in its kernel mode (nvlddmkm.sys) for DxgkDdiEscape. This exploit does not synchronize data such as static variables across threads. It could lead to a DoS attack.

Another vulnerability is termed CVE-2019-5676, which could be used to launch a DLL attack. Nvidia GPU Display drivers load the Windows system DLL incorrectly without any sign validation. Hackers can run a custom DLL in Current Working Directory and trick the system into granting them access.

DLL Attacks
When an attacker gains control of one of the Current Working Directories or CWD, they can plant a custom DLL (Dynamic Link Library) into it. Using this technique the hacker can execute programs with user privilege.

Nvidia has informed its users via a security bulletin and is currently pushing the updates for a number of Geforce graphics cards.

The third vulnerability dubbed CVH-2019-5677 is the least severe of them all. However, it still contains a kernel mode layer vulnerability which can be exploited to cause a DoS attack.

The severity of all these exploits is as follows:

CVE Base Score (Depending on Severity) Vectors
CVE‑2019‑5675 7.7 AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:H
CVE‑2019‑5676 7.2 AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
CVE‑2019‑5677 5.6 AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

Are All Nvidia GPUs Affected

A number of Nvidia GPUs have several vulnerabilities. Here is a list of all of them:

CVE Nvidia GPU Display Drivers GPU Drivers Affected Updated Safe Versions
GeForce All R430 versions prior to 430.64 430.64
Quadro, NVS
All R430 versions prior to 430.64 430.64
All R418 versions prior to 425.51 425.51
All R400 versions Available the week of May 13
Quadro, NVS All R390 versions Available the week of May 20
All R418 versions prior to 425.25 425.25
All R400 versions Available the week of May 13


Nvidia’s risk assessment is based on CVSS v3 standards.

Laptop manufacturers like Lenovo have started rolling out updates for their Nvidia mobile GPUs. Users can expect an official update from their respective laptop manufacturers very soon.

Also Read: Nvidia GTX 1650 Vs 1660 Vs 1660 Ti GPU For Budget Gaming PC
Yetnesh Dubey

Yetnesh Dubey

Associate Editor at Fossbytes. Yetnesh manages the everyday editorial duties and oversees the writing staff. He occasionally covers news related to electric vehicles and tech.
More From Fossbytes

Latest On Fossbytes

Find your dream job