Support

NVIDIA Windows Privilege Delegation Escalation

NVIDIA Windows Privilege Delegation Escalation

RSS

NVIDIA Windows Privilege Delegation Escalation

Lenovo Security Advisory:  LEN-2015-008
Potential Impact:  Escalation of Privilege
Severity: Medium

Summary:
The NVIDIA Display Driver’s kernel administrator check improperly validates local client impersonation levels in some cases.

Description:
This vulnerability can only be exploited by a user with local access to the machine.  Under certain conditions, a local user on the system can use improper impersonation behaviors of NVIDIA driver API’s to access resources that are intended for kernel access only. Under these conditions, this behavior may lead to privilege escalation of the local user account, leading to a system compromise.
This vulnerability affects all GPUs with Windows XP, Windows Vista, Windows 7, and Windows Server 2008/2008 R2 systems using NVIDIA GPU Display Driver components, or derived packages which use NVIDIA GPU Display Driver components.
Because Windows XP is no longer supported by Microsoft, NVIDIA will not be releasing an updated driver.  For Windows Vista, we recommend installing the NVIDIA reference driver.  Windows 8 and later Windows operating systems are not vulnerable due to changes in the implementation of the kernel function which the driver relies on for the security check.

Mitigation Strategy for Customers (what you should do to protect yourself):
Lenovo is currently qualifying the updated NVIDIA driver across all applicable impacted products..  The updated driver will be posted to the Lenovo Support site for affected products as qualification testing is completed.  Review the Product Impact section below for the list of affected products.  Once the driver has been qualified for the affected product, you will be able to link directly to the driver download page.   You should visit this security advisory often to find links to the latest qualified driver for your product.
If this vulnerability puts you at an unacceptable level of risk and you want to mitigate before the Lenovo-certified driver is available for your product, you can visit the NVIDIA security webpage (www.nvidia.com/security) to download and install the reference driver.  Please be aware that the reference driver has not been qualified by Lenovo.  If you experience problems as a result of installing the driver from the NVIDIA support site, please contact NVIDIA directly.  When the Lenovo-certified driver is available for download from the Lenovo Support site, Lenovo recommends that you uninstall the NVIDIA reference driver, and upgrade to the Lenovo Support site version.

Product Affected

Click to expand for more info

arThinkStation

System Status Minimum  version of Nvidia Display Driver
including Fix		 Link 
ThinkStation C30 
(type 1095, 1096, 1097)		 Affected 341.44 http://support.lenovo.com/us/en/products/workstations/thinkstation-c-series-workstations/thinkstation-c30?c=1
ThinkStation C30 
(type 1136, 1137)		 Affected 341.44 http://support.lenovo.com/us/en/products/workstations/thinkstation-c-series-workstations/thinkstation-c30?c=1
ThinkStation D30  
(type 4223, 4228, 4229) 		 Affected 341.44 http://support.lenovo.com/us/en/products/workstations/thinkstation-d-series-workstations/thinkstation-d30?c=1
ThinkStation D30  
(type 4353, 4354) 		 Affected 341.44 http://support.lenovo.com/us/en/products/workstations/thinkstation-d-series-workstations/thinkstation-d30?c=1
ThinkStation E31 Affected 9.18.13.4144 http://support.lenovo.com/us/en/products/workstations/thinkstation-e-series-workstations/thinkstation-e31?c=1
ThinkStation E32 Affected 9.18.13.4752 http://support.lenovo.com/us/en/products/workstations/thinkstation-e-series-workstations/thinkstation-e32?c=1
ThinkStation P300 Affected 9.18.13.4752 http://support.lenovo.com/us/en/products/workstations/thinkstation-p-series-workstations/thinkstation-p300?c=1
ThinkStation P500 Affected 9.18.13.4752 http://support.lenovo.com/us/en/products/workstations/thinkstation-p-series-workstations/thinkstation-p500?c=1
ThinkStation P700 Affected 9.18.13.4752 http://support.lenovo.com/us/en/products/workstations/thinkstation-p-series-workstations/thinkstation-p700?c=1
ThinkStation P900 Affected 9.18.13.4752 http://support.lenovo.com/us/en/products/workstations/thinkstation-p-series-workstations/thinkstation-p900?c=1
ThinkStation S30 Affected 341.44 http://support.lenovo.com/us/en/products/workstations/thinkstation-s-series-workstations/thinkstation-s30?c=1
ThinkStation S30 Affected 341.44 http://support.lenovo.com/us/en/products/workstations/thinkstation-s-series-workstations/thinkstation-s30?c=1

arThinkServer & Storage

Note: If you have added an NVIDIA graphics card to your system, you may be affected by this security vulnerability and should take the actions necessary to protect yourself.

 

System Status Minimum  version of Nvidia Display Driver
including Fix		 Link 
ThinkServer RD330 Not affected  
ThinkServer RD340 Not affected  
ThinkServer RD350 Not affected  
ThinkServer RD430 Not affected  
ThinkServer RD440 Not affected  
ThinkServer RD450 Not affected  
ThinkServer RD530 Not affected  
ThinkServer RD540 Not affected  
ThinkServer RD550 Not affected  
ThinkServer RD630 Not affected  
ThinkServer RD640 Not affected  
ThinkServer RD650 Not affected  
ThinkServer RS140 Not affected  
ThinkServer TD340 Affected 321.19/341.44 http://support.lenovo.com/us/en/products/servers/thinkserver-tower-servers/thinkserver-td340?c=1
ThinkServer TD350 Not affected  
ThinkServer TS130 Affected 321.19/341.44 http://support.lenovo.com/us/en/products/servers/thinkserver-tower-servers/thinkserver-ts130?c=1
ThinkServer TS140 Affected 321.19/341.44 http://support.lenovo.com/us/en/products/servers/thinkserver-tower-servers/thinkserver-ts140?c=1
ThinkServer TS240 Affected 321.19  http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetailServer.aspx?ID=61165
ThinkServer TS430 Not affected  
ThinkServer TS440 Affected 321.19/341.44 http://support.lenovo.com/us/en/products/servers/thinkserver-tower-servers/thinkserver-ts440?c=1
ThinkServer TS540 Affected 321.19  http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetailServer.aspx?ID=61165

arThinkPad

Note: If you have added an NVIDIA graphics card to your system, you may be affected by this security vulnerability and should take the actions necessary to protect yourself.

System Status Minimum version of Nvidia Display Driver
including Fix		 Link 
ThinkPad E450/E450c Not affected
ThinkPad E550/E550c Not affected
ThinkPad Edge E130 Not affected
ThinkPad Edge E145 Not affected
ThinkPad Edge E330 Affected 9.18.13.4520 http://support.lenovo.com/us/en/downloads/DS033666
ThinkPad Edge E430/E530 Affected 9.18.13.4520 http://support.lenovo.com/us/en/downloads/DS033666
ThinkPad Edge E431/E531 Affected 9.18.13.4520 http://support.lenovo.com/us/en/downloads/DS033666
ThinkPad Edge E440/E540 Affected 9.18.13.4520 http://support.lenovo.com/us/en/downloads/DS033666
ThinkPad Edge E455/E555 Not affected
ThinkPad Helix Not affected
ThinkPad L430 Affected 9.18.13.4520 http://support.lenovo.com/us/en/downloads/DS033666
ThinkPad L530 Not affected
ThinkPad L440 Affected 9.18.13.4520 http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-l-series-laptops/thinkpad-l440?c=1
ThinkPad L540 Not affected
ThinkPad L450 Not affected
ThinkPad S1 Yoga (Non-vPro) Not affected
ThinkPad S1 Yoga (vPro) Not affected
ThinkPad S3 Yoga 14 Affected 9.18.13.4520 http://support.lenovo.com/us/en/downloads/DS033666
ThinkPad S5 Yoga 15 Affected 9.18.13.4520 http://support.lenovo.com/us/en/downloads/DS033666
ThinkPad S430 Affected 9.18.13.4520 http://support.lenovo.com/us/en/downloads/DS033666
ThinkPad S431 Not affected
ThinkPad S440 Not affected
ThinkPad S531 Not affected
ThinkPad S540 Not affected
ThinkPad T430 Affected 9.18.13.4520 http://support.lenovo.com/us/en/downloads/DS033666
ThinkPad T430s Affected 9.18.13.4520 http://support.lenovo.com/us/en/downloads/DS033666
ThinkPad T430u Affected 9.18.13.4520 http://support.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-t-series-laptops/thinkpad-t430u
ThinkPad T431s Not affected
ThinkPad T440/T440s Affected 9.18.13.4520 http://support.lenovo.com/us/en/downloads/DS033666
ThinkPad T440p Affected 9.18.13.4520 http://support.lenovo.com/us/en/downloads/DS033666
ThinkPad T450 Affected 9.18.13.4520 http://support.lenovo.com/us/en/downloads/DS033666
ThinkPad T450s Affected 9.18.13.4520 http://support.lenovo.com/us/en/downloads/DS033666
ThinkPad T530 Affected 9.18.13.4520 http://support.lenovo.com/us/en/downloads/DS033666
ThinkPad T540p Affected 9.18.13.4520 http://support.lenovo.com/us/en/downloads/DS033666
ThinkPad T550 Not affected
ThinkPad Tablet 10 (32-bit) Not affected
ThinkPad Tablet 10 (64-bit) Not affected
ThinkPad Tablet 2 Not affected
ThinkPad Tablet 8 (32-bit) Not affected
ThinkPad Tablet 8 (64-bit Not affected
ThinkPad Twist/Edge S230 Not affected
ThinkPad W530 Affected 9.18.13.4520 http://support.lenovo.com/us/en/downloads/DS033666
ThinkPad W540 Affected 9.18.13.4520 http://support.lenovo.com/us/en/downloads/DS033666
ThinkPad W550s Not affected
ThinkPad X1 Carbon (20A7,20A8) Not affected
ThinkPad X1 Carbon (34xx) Not affected
ThinkPad X131e (AMD) Not affected
ThinkPad X131e (Intel) Not affected
ThinkPad X140e (AMD) Not affected
ThinkPad X230 Not affected
ThinkPad X230s Not affected
ThinkPad X230t Not affected
ThinkPad X240/X240s Not affected
ThinkPad Yoga 11e Not affected

arThinkCentre

Note: If you have added an NVIDIA graphics card to your system, you may be affected by this security vulnerability and should take the actions necessary to protect yourself.

System Status Minimum  version of Nvidia Display Driver
including Fix		 Link 
ThinkCentre E73 Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre E73Z Not Affected
ThinkCentre E93 Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre E93Z Affected 9.18.13.4752 http://support.lenovo.com/us/en/downloads/DS102509
ThinkCentre Edge 62z Not affected
ThinkCentre Edge 72 Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre Edge 72z Not affected
ThinkCentre Edge 91 Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre Edge 92  Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre Edge 92z Not affected
ThinkCentre M62Z Not affected
ThinkCentre M72e (Ivy) Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M72e (PCI) Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M72e (Tiny) Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M72z Not affected  
ThinkCentre M73 Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M73 Tiny Not affected
ThinkCentre M73Z Not affected
ThinkCentre M78  (type 1562, 1565, 1662, 1663, 1766, 2111, 2113, 2114, 4860, 4863, 4865, 4866, 5100)  Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M78 (type 10BN, 10BQ, 10BR, 10BS, 10BT, 10BU)  Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M71e Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M77 Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M80 Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M81 Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M82 Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M83 Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M83Z Not affected
ThinkCentre M90 Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M90p Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M91 Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M91P Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M92 Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M92P Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M92Z Not affected
ThinkCentre M93 Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M93P Affected 347.52 http://support.lenovo.com/us/en/downloads/DS041866
ThinkCentre M93P Tiny Not affected
ThinkCentre M93Z Not affected

arSoftware

Application Status
Delopy Manager Not affected
Diagnostic Not affected
Easy Manager Not affected
Easy Updater Not affected
Energy manager Not affected
OSPUT Not affected
Partner Pack Not affected
Power Planner Not affected
TSMCLI Not affected

arLenovo EMC

System Status
LenovoEMC EZ Media & Backup (hm3) Not affected
LenovoEMC Home Media Cloud Edition (hm2) Not affected
LenovoEMC ix12-300r Not affected
LenovoEMC ix2 (inc DL) Not affected
LenovoEMC ix2-200 Not affected
LenovoEMC ix2-200 Cloud Edition Not affected
LenovoEMC ix4-200d  Not affected
LenovoEMC ix4-200d (2.1.x firmware) Not affected
LenovoEMC ix4-200d Cloud Edition Not affected
LenovoEMC ix4-300d (inc DL) Not affected
LenovoEMC px12-350r Not affected
LenovoEMC px12-400r Not affected
LenovoEMC px12-450r Not affected
LenovoEMC px2-300d (inc NVR) Not affected
LenovoEMC px4-300d (inc NVR) Not affected
LenovoEMC px4-300r Not affected
LenovoEMC px4-400d (inc NVR) Not affected
LenovoEMC px4-400r Not affected
LenovoEMC px6-300d Not affected

Acknowledgements: None

Other information and references:

Revision History:

Revision

Date

Description
1.5 2015-07-15  Publish additional fixes 
1.4 2015-06-30  Publish additional fixes 
1.3 2015-05-17  Publish additional fixes 
1.2 2015-03-25  Publish additional fixes 
1.1 2015-03-17  Publish additional fixes 
1.0 2015-03-03 Initial release

 

Alias Id:NVIDIA_WINDOWS_PRIVILEGE
Document ID:PS500058
Original Publish Date:06/27/2016
Last Modified Date:06/27/2016
X

Lenovo uses cookies to improve your experience.

Visit our Cookie Consent Tool to manage your preferences, or our Privacy Policy for more information.

Back to Previous Page
X
lenovo

Information We Collect About You

We want to be transparent about the data we and our partners collect and how we use it, so you can best exercise control over your personal data. For more information, please see our Privacy Policy.

Our cookie consent tool offers you greater visibility and control over how your preferences are stored on the site. However, some third party cookies have been temporarily classified as essential, meaning some cookies will drop that are not actually necessary for the functioning of the site. We are working to fix the issue, but you can still block essential cookies through your browser tools.

Information Our Partners Collect

We use the following partners to better improve your overall web browsing experience. They use cookies and other mechanisms to connect you with your social networks and tailor advertising to better match your interests. You can elect to opt-out of this information collection by unticking the boxes below.

Categories
1 of 1 allowed
Essential Required

We rely on cookies, javascript, and other web technologies to serve key—or essential—elements on the site. This may include things like your language preferences or server-based cookies intended to keep our site running and operational. If disabled, your site experience will likely be impacted.

Analytics

We use analytics to improve our website by better understanding how often users visit the site, what pages they visit most, and how long they spend on our site. We'll rely on cookies and third-party partners to track these actions and behaviors. Click on one of the partner names to learn more.

Vendors
Name Required

Website:

In Their Own Words

What data does this company collect?

Data Collected

Anonymous:

Pseudonymous:

PII:

Sensitive:

Data Sharing

Data Retention

Data Use

Data Storage

Adobe