CVE-2019-5687

Name of the Vulnerable Software and Affected Versions NVIDIA Windows GPU Display Driver (all versions)

Description The issue is related to an incorrect use of default permissions for an object in the kernel mode layer handler for DxgkDdiEscape, exposing it to an unintended actor. This vulnerability in the NVIDIA Windows GPU Display Driver is associated with errors in permission handling, which can be exploited to disclose protected information or cause a denial of service.

Recommendations For all versions, consider restricting access to the nvlddmkm.sys handler for DxgkDdiEscape until a patch is available. As a temporary workaround, avoid using the DxgkDdiEscape function in the NVIDIA Windows GPU Display Driver to minimize the risk of exploitation.