CVE-2019-5677

Name of the Vulnerable Software and Affected Versions NVIDIA Windows GPU Display driver software for Windows (all versions)

Description The issue is related to a buffer access mechanism in the kernel mode layer handler for DeviceIoControl, specifically in the nvlddmkm.sys software. This may lead to a denial of service due to the software reading from a buffer using indexes or pointers that reference memory locations after the targeted buffer. The vulnerability is also described as a buffer overflow in memory, which can be exploited to cause a denial of service.

Recommendations For all versions, consider applying a patch or update from NVIDIA to fix the vulnerability in the nvlddmkm.sys handler for DeviceIoControl. As a temporary workaround, consider restricting access to the DeviceIoControl function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.