CVE-2023-31027: NVIDIA Addresses High-Risk Vulnerability in Latest GPU Driver Update
Recently, NVIDIA released the new GeForce 474.64 WHQL driver for its Kepler architecture-based GeForce GTX 600/700 series graphics cards, remedying multiple security vulnerabilities.
The most critical among them is CVE-2023-31027, which boasts a CVSS score of 8.2 out of a potential 10, indicating a high level of danger. As described by NVIDIA, this vulnerability resides within the NVIDIA GPU graphics driver for Windows. During GPU driver updates by an administrator, users with lower-level Windows permissions could potentially escalate their privileges, resulting in a heightened security risk.
The vulnerabilities are as follows –
| CVE ID | Description | Base Score | |
|---|---|---|---|
| CVE-2023-31027 | NVIDIA GPU Display Driver for Windows contains a vulnerability that allows Windows users with low levels of privilege to escalate privileges when an administrator is updating GPU drivers, which may lead to escalation of privileges. | 8.2 | |
| CVE‑2023‑31019 | NVIDIA GPU Display Driver for Windows contains a vulnerability in wksServicePlugin.dll, where the driver implementation does not restrict or incorrectly restricts access from the named pipe server to a connecting client, which may lead to potential impersonation to the client’s secure context. |
7.8 | |
| CVE‑2023‑31017 | NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may be able to write arbitrary data to privileged locations by using reparse points. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | 7.8 | |
| CVE‑2023‑31016 | NVIDIA GPU Display Driver for Windows contains a vulnerability where an uncontrolled search path element may allow an attacker to execute arbitrary code, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | 7.3 | |
| CVE‑2023‑31020 | NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause improper access control, which may lead to denial of service or data tampering. | 6.1 | |
| CVE‑2023‑31022 | NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of service. | 5.5 | |
| CVE‑2023‑31023 | NVIDIA Display Driver for Windows contains a vulnerability where an attacker may cause a pointer dereference of an untrusted value, which may lead to denial of service. | 5.5 |
Since ceasing support for Kepler architecture products after the release of the GeForce R470 GA5 driver on August 31, 2021, NVIDIA has continued to provide security updates to users of these graphics cards until September 2024.
Presently, the upgrades to the Game Ready drivers—including performance enhancements, new features, and bug fixes—are exclusively available to GPUs based on the Maxwell, Pascal, Turing, Ampere, and Ada Lovelace architectures. This means only Maxwell architecture products within the GeForce GTX 700 series, specifically the GeForce GTX 750 Ti, GeForce GTX 750, and GeForce GTX 745, will continue to receive support.
