CVE-2019-5692: Out-of-bounds Read
First published: Sat Nov 09 2019(Updated: )
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the product uses untrusted input when calculating or using an array index, which may lead to escalation of privileges or denial of service.
Credit: psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nvidia Gpu Driver | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-5692?
CVE-2019-5692 is a vulnerability in the NVIDIA Windows GPU Display Driver that can result in escalation of privileges or denial of service.
How does CVE-2019-5692 affect NVIDIA Windows GPU Display Driver?
CVE-2019-5692 affects all versions of the NVIDIA Windows GPU Display Driver.
What is the severity of CVE-2019-5692?
CVE-2019-5692 has a severity score of 7.8 (high).
How can CVE-2019-5692 be exploited?
CVE-2019-5692 can be exploited by using untrusted input to calculate or use an array index in the kernel mode layer handler for DxgkDdiEscape.
Is there a fix for CVE-2019-5692?
Yes, NVIDIA has released a fix for CVE-2019-5692. Please refer to the NVIDIA website for more information.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/remedy
- agent/references
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/nvidia
- canonical/nvidia gpu driver
- vendor/microsoft
- canonical/microsoft windows