Nvidia Warns Windows Gamers of High-Severity Graphics Driver Flaws

nvidia

In all, Nvidia patched flaws tied to 16 CVEs across its graphics drivers and vGPU software, in its first security update of 2021.

Nvidia, which makes gaming-friendly graphics processing units (GPUs), on Thursday fixed a slew of high-severity flaws affecting its graphics driver. The vulnerabilities allow bad actors to cripple systems with denial of service attacks, escalate privileges, tamper with data or sniff out sensitive data.

Affected is Nvidia’s graphics driver (formally known as the GPU Display Driver) for Windows. The graphics driver is used in devices targeted to enthusiast gamers; it’s the software component that enables the device’s operating system and programs to use its high-level, gaming-optimized graphics hardware.

Nvidia’s Thursday security update addresses flaws tied to 16 CVEs overall. The most severe of these (CVE‑2021‑1051) is an issue in the graphic drivers’ kernel mode layer. This flaw ranks 8.4 out of 10 on the CVSS scale, making it high severity.

2020 Reader Survey: Share Your Feedback to Help Us Improve

Kernel mode is generally reserved for the lowest-level, most trusted functions of the operating system; in this case, the layer (nvlddmkm.sys) handler for the DxgkDdiEscape interface contains a glitch where an operation is performed that could be abused to launch a denial-of-service (DoS) attack or escalate privileges.

Another high-severity flaw (CVE‑2021‑1052) in this same kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape could allow user-mode clients to access legacy privileged application programming interfaces (APIs). According to Nvidia, this “may lead to denial of service, escalation of privileges, and information disclosure.”

Nvidia also stomped out four medium-severity flaws in its graphics driver. Three of these (CVE‑2021‑1053, CVE‑2021‑1054, CVE‑2021‑1055) also stem from the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, while the fourth (CVE‑2021‑1056) exists in a kernel mode layer (nvidia.ko) that does not completely honor operating system file system permissions to provide GPU device-level isolation. That could allow for DoS or information disclosure.

Beyond its graphics drivers, Nvidia warned of flaws tied to nine high-severity CVEs in its virtual GPU (vGPU) software. Nvidia’s vGPU creates graphics-forcused virtual desktops and workstations in tandem with the company’s data center Tesla accelerator GPUs.

vGPU Software Flaws

Many of the flaws addressed in Nvidia’s Thursday security advisory stem from Nvidia’s vGPU manager, its tool that enables multiple virtual machines to have simultaneous, direct access to a single physical GPU, while also using Nvidia graphics drivers deployed on non-virtualized operating systems.

One high-severity flaw in exists in a plugin within the vGPU manager (CVE‑2021‑1057). This issue could allow guests to allocate some resources for which they are not authorized – which according to Nvidia could lead to data integrity and confidentiality loss, DoS and information disclosure. The vGPU manager also contains a flaw in the vGPU plugin (CVE‑2021‑1059), in which an input index is not validated, which could lead to integer overflow. A race condition (CVE‑2021‑1061) in the vGPU plugin of the vGPU manager could essentially trick it into using a previously validated resource that has since changed, which may lead to DoS or information disclosure.

And, in another Nvidia vGPU plugin issue (CVE‑2021‑1065), input data is not validated, which may lead to tampering of data or DoS.

Various Nvidia GeForce Windows and Linux driver branches are affected; Nvidia has released a full list of affected versions and updated driver versions on its security advisory. The graphics chip manufacturer has likewise released fixes for specific versions of the vGPU software affected by these flaws on its website.

The security advisory is Nvidia’s first in 2021. Last year, the company issued its fair share of patches; including fixes for two high-severity flaws in the Windows version of its GeForce Experience software, and a patch for a critical bug in its high-performance line of DGX servers, both in October; and a high-severity flaw in its GeForce NOW application software for Windows in November.

Supply-Chain Security: A 10-Point Audit Webinar: Is your company’s software supply-chain prepared for an attack? On Wed., Jan. 20 at 2p.m. ET, start identifying weaknesses in your supply-chain with actionable advice from experts – part of a limited-engagement and LIVE Threatpost webinar. CISOs, AppDev and SysAdmin are invited to ask a panel of A-list cybersecurity experts how they can avoid being caught exposed in a post-SolarWinds-hack world. Attendance is limited: Register Now and reserve a spot for this exclusive Threatpost Supply-Chain Security webinar — Jan. 20, 2 p.m. ET.

Suggested articles

Discussion

  • Anonymous on

    I was playing on GFN and heard audio I wasn't playing mixed with my games audio. First an ad for a game, then a Bob Ross episode.
  • Emi on

    So should i download the new drivers or not? I really dont understand if its the newest driver which is the problem or did they fix it in This new driver ?
  • TMcGee on

    Yes download most recent driver directly from Nvidia's site. Nvidia would have removed the flawed driver by now. https://www.nvidia.com/Download/index.aspx
  • Anonymous on

    You could have said which version number was the problem and which fixes it.
  • JS on

    It's okay, NVidia doesn't make graphics cards for gamers anymore, anyway. They only make mining cards now.
  • Eli on

    Downloaded this new driver, and it crippled my PC. I went from playing at around 120fps on Warzone to barely being able to scrape 30. Even playing Fortnite on the lowest settings, I can barely get my head above 50 fps, and I used to play that at around 200.
  • Kai D. on

    How would I go about resolving a situation if it's happening to me? Just contact nvidia from any ol support ticket?
  • Ricardo on

    Yeah wtf is with this story. Download the new driver or no.
  • AGAMEMNON on

    So on top of not being able to supply gpus, they give away my data. Noice!
  • Ant Man on

    The drivers since December have only gotten worse. Incremental decrease in performance on my 1080 ti, i rolled back to a driver from October and everything is reliable again.
  • Anonymous on

    Use 461.09 or later
  • Xiao Wentworth on

    Brilliant blog...

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.