CVE-2018-19321

Name of the Vulnerable Software and Affected Versions GIGABYTE APP Center versions 1.05.21 and earlier AORUS GRAPHICS ENGINE versions prior to 1.57 XTREME GAMING ENGINE versions prior to 1.26 OC GURU II version 2.08 and earlier

Description The issue is related to the GPCIDrv and GDrv low-level drivers, which expose functionality to read and write arbitrary physical memory due to an open IOCTL with insufficient access control. This could be leveraged by a local attacker to elevate privileges.

Recommendations For GIGABYTE APP Center versions 1.05.21 and earlier, update to a version later than 1.05.21. For AORUS GRAPHICS ENGINE versions prior to 1.57, update to version 1.57 or later. For XTREME GAMING ENGINE versions prior to 1.26, update to version 1.26 or later. For OC GURU II version 2.08 and earlier, update to a version later than 2.08.