NVIDIA fixes ten vulnerabilities in Windows GPU display drivers


NVIDIA has released a security update for a wide range of graphics card models, fixing four high-severity and six medium-severity vulnerabilities in its GPU drivers.

The security update resolves vulnerabilities that could lead to denial of service, information disclosure, elevation of privilege, code execution, and more.

Updates have been made available for Tesla, RTX/Quadro, NVS, Studio, and GeForce software products, covering the R450, R470, and R510 driver branches.

CVEs fixed for each driver branch (NVIDIA)

Interestingly, in addition to current and recent product lines that are actively supported, NVIDIA’s latest release also covers the GTX 600 and GTX 700 Kepler series cards, whose support ended in October 2021.

The GPU maker previously promised to continue delivering critical security updates for these products through September 2024, and this driver update delivers on that promise.

The four high-severity flaws patched this month are:

  • CVE-2022-28181 (CVSS v3 score: 8.5) – Out-of-bounds write in the kernel mode layer caused by a specially crafted shader sent over the network, which may lead to code execution, denial of service, escalation of privilege, disclosure of information, and data tampering.
  • CVE-2022-28182 (CVSS v3 score: 8.5) – Flaw in the DirectX11 user-mode driver that allows an unauthorized attacker to send a specially crafted shader over the network and cause denial of service, escalation of privilege, disclosure of information, and data tampering.
  • CVE-2022-28183 (CVSS v3 score: 7.7) – Vulnerability in the kernel mode layer, where a regular unprivileged user can cause an out of bounds read, which may lead to denial of service and information disclosure.
  • CVE-2022-28184 (CVSS v3 score: 7.1) – Vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an ordinary unprivileged user can access administrator-privileged registers, which may lead to denial of service, disclosure of information, and data tampering.

These vulnerabilities require low privileges and no user interaction, so they could be embedded in malware, allowing attackers to execute commands with higher privileges.

The first two are exploitable over the network, while the other two are exploited with local access, which could still be useful for malware infecting a system with low privileges.

Cisco Talos, which discovered CVE-2022-28181 and CVE-2022-28182, also published an article today detailing how they triggered the memory corruption flaws by providing a malformed compute shader.

Because a malicious shader can be delivered in the browser through WebAssembly and WebGL, Talos warns that threat actors may be able to trigger the flaws remotely.

“Specially crafted executable/shader can lead to memory corruption. This vulnerability could potentially be triggered by guest machines running virtualization environments (i.e. VMware, qemu, VirtualBox, etc.) in order to perform guest-to-host evasion. Theoretically, this vulnerability could also be triggered from a web browser using webGL and webassembly,” explains Talos regarding CVE-2022-28181.

For details on all fixes and the software and hardware products covered this month, see the NVIDIA security bulletin.

All users are urged to apply the released security updates as soon as possible. Users can download the latest driver for their GPU model from NVIDIA’s download center, where they can select the specific product and operating system they are using.

Updates can also be applied through NVIDIA’s GeForce Experience suite.

However, if you don’t specifically need the software to save game profiles or use its streaming features, we don’t recommend using it as it introduces unnecessary security risks and resource usage.