NVIDIA Issues Warning to Upgrade Drivers Due to Security Patches

[R-T-B]

Why does the majority of exploits always require local access?

Because most code doesn't feature a netstack.

Because the way they work requires direct access to the hardware. Remote attacks are either extremely difficult or impossible.

It's nothing to do with that, really. It's more that nvidia is not stupid and has not given their core driver network access.

Linus said "fuck 'em" and AMD didn't bother fixing "if someone can put shit onto your BIOS, it means someone can put shit on your computer", as terribly vulnerably vulnerable it is, I think.

It was a code signature verification exploit that actually did get patched in later AGESA.

The whole idea behind trusted execution is that someone CAN write to your bios and get nowhere, really. The sigcheck fails (or should).

Then they can use this exploit to execute code locally.

Without admin rights, they can get admin rights.

That's the concern here.

 

[lexluthermiester]

It's nothing to do with that, really. It's more that nvidia is not stupid and has not given their core driver network access.

That's not always needed.

 

[R-T-B]

That's not always needed.

You need to exploit something with a netstack to get a foothold to begin ANY code execution. No port? No exploit surface. So yeah, it is. If nothing is network aware good luck talking to a machine that is quite literally mute.

I would not be surprised if someday the nvidia telemetry components come back and bite them though... they most certainly talk to the net.

 

[phanbuey]

You need to exploit something with a netstack to get a foothold to begin ANY code execution. No port? No exploit surface. So yeah, it is. If nothing is network aware good luck talking to a machine that is quite literally mute.

I would not be surprised if someday the nvidia telemetry components come back and bite them though... they most certainly talk to the net.

I kind of hope that they do. There really is no reason why I need my graphics card that i use to play stupid video-games sending back data to nvidia.

 

[moproblems99]

Why does the majority of exploits always require local access?

It doesn't really matter because many attacks are a chain of exploits anyway. It is almost never one and done.

 

[lexluthermiester]

You need to exploit something with a netstack to get a foothold to begin ANY code execution. No port? No exploit surface. So yeah, it is. If nothing is network aware good luck talking to a machine that is quite literally mute.

Code injections don't need such a vector of attack.

 

[R-T-B]

Code injections don't need such a vector of attack.

Ah. I suppose you mean like something executed via say a trojan horse on a usb stick that then opens more facilities to the attacker?

Touche. It's certainly doable for high value targets.

 

[lexluthermiester]

Ah. I suppose you mean like something executed via say a trojan horse on a usb stick that then opens more facilities to the attacker?

Touche. It's certainly doable for high value targets.

And a few others, yeah. The catch is, it has to be an admin account that runs any such injection.