CVE-2019-5670 Information

Description

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape in which the software uses a sequential operation to read from or write to a buffer but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer which may lead to denial of service escalation of privileges code execution or information disclosure.

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Reference

http://support.lenovo.com/us/en/solutions/LEN-26250 https://nvidia.custhelp.com/app/answers/detail/a_id/4772

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.8