Cisco Talos' Vulnerability Research team recently discovered five Nvidia out-of-bounds access vulnerabilities in shader processing, as well as eleven LevelOne router vulnerabilities spanning a range of possible exploits.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on Talos Intelligence’s website.
NVIDIA Graphics remote out-of-bounds execution vulnerabilities
Discovered by Piotr Bania.
NVIDIA Graphics drivers are software for NVIDIA Graphics GPU installed on the PC. They are used to communicate between the operating system and the GPU device. This software is required in most cases for the hardware device to function properly.
Talos discovered multiple out-of-bounds read vulnerabilities in Nvidia that could be triggered remotely in virtualized environments, via web browser, potentially leading to disclosure of sensitive information and further memory corruption. Researchers used RemoteFX; while recently deprecated by Microsoft, some older machines may still use this software.
Advisories related to these vulnerabilities:TALOS-2024-1955 (CVE-2024-0121)TALOS-2024-2012 (CVE-2024-0117)TALOS-2024-2013 (CVE-2024-0118)TALOS-2024-2014 (CVE-2024-0120)TALOS-2024-2015 (CVE-2024-0119)
LevelOne wireless SOHO router vulnerabilities
Discovered by Patrick DeSantis and Francesco Benvenuto.
Eleven vulnerabilities of different types were discovered in the LevelOne WBR-6012 SOHO router.
The LevelOne WBR-6012 is a low-cost wireless SOHO router, mar ..
Support the originator by clicking the read the rest link below.
