CVE-2019-5675

Name of the Vulnerable Software and Affected Versions NVIDIA Windows GPU Display driver software for Windows (all versions)

Description The issue is related to errors in synchronizing shared data, such as static variables across threads, in the DxgkDdiEscape function of the NVIDIA graphics processor software. This can lead to undefined behavior and unpredictable data changes. Exploitation of this issue may allow an attacker to cause a denial of service, escalate privileges, or disclose protected information.

Recommendations For all versions, consider disabling the DxgkDdiEscape function as a temporary workaround until a patch is available. Restrict access to the kernel mode layer handler to minimize the risk of exploitation. Avoid using shared data across threads in the affected handler until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.