CVE-2019-5670
HIGHNVIDIA Windows GPU Display Driver - Memory Corruption in DxgkDdiEscape Handler
Title source: llmDescription
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape in which the software uses a sequential operation to read from or write to a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer which may lead to denial of service, escalation of privileges, code execution or information disclosure.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
https://nvidia.custhelp.com/app/answers/detail/a_id/4772
Various Sources x_refsource_confirm
http://support.lenovo.com/us/en/solutions/LEN-26250
Scores
CVSS v3
7.8
EPSS
0.0005
EPSS Percentile
14.4%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (1)
nvidia/gpu_driver
Published
Feb 27, 2019
Tracked Since
Feb 18, 2026