CVE-2019-7630

Name of the Vulnerable Software and Affected Versions Gigabyte APP Center version 19.0227.1 and earlier

Description An issue was discovered in the gdrv.sys driver. The vulnerable driver exposes a wrmsr instruction via IOCTL 0xC3502580 and does not properly filter the target Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges.

Recommendations For Gigabyte APP Center version 19.0227.1 and earlier, update to version 19.0227.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the IOCTL 0xC3502580 to minimize the risk of exploitation.