CVE-2019-5676

Description

NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), leading to escalation of privileges through code execution.

Affected products

• NVIDIA / NVIDIA GPU Display DriverAll – All

References

• MISChttps://nvidia.custhelp.com/app/answers/detail/a_id/4797
• MISChttps://nvidia.custhelp.com/app/answers/detail/a_id/4806
• MISChttps://support.lenovo.com/us/en/product_security/LEN-27815
• MISChttps://nvidia.custhelp.com/app/answers/detail/a_id/4841