Vulnerabilites related to nvidia - geforce_940m
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 03:00
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@nvidia.com | http://nvidia.custhelp.com/app/answers/detail/a_id/4247 | Patch, Vendor Advisory | |
psirt@nvidia.com | http://www.securityfocus.com/bid/93986 | Third Party Advisory, VDB Entry | |
psirt@nvidia.com | https://www.exploit-db.com/exploits/40660/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://nvidia.custhelp.com/app/answers/detail/a_id/4247 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93986 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/40660/ |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*", matchCriteriaId: "F36E098A-0BCE-41CF-8AF6-3C32E18C8256", versionEndIncluding: "-", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*", matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*", matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*", matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*", matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*", matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*", matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*", matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*", matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*", matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*", matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*", matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*", matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*", matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*", matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*", matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*", matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*", matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*", matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.", }, { lang: "es", value: "Para los productos NVIDIA Quadro, NVS y GeForce, NVIDIA Windows GPU Display Driver R340 before 342.00, R367 before 369.59, and R375 en versiones anteriores a 375.63 contiene una vulnerabilidad en el controlador de la capa de modo kernel (nvlddmkm.sys) para DxgDdiEscape ID 0x7000014 donde un valor pasado de un usuario al controlador es utilizado sin validación como el índice de una matriz interna, conduciendo a una denegación de servicio o potencial escalada de privilegios.", }, ], id: "CVE-2016-8812", lastModified: "2024-11-21T03:00:08.290", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-08T20:59:25.850", references: [ { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93986", }, { source: "psirt@nvidia.com", url: "https://www.exploit-db.com/exploits/40660/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.exploit-db.com/exploits/40660/", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:55
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*", matchCriteriaId: "F36E098A-0BCE-41CF-8AF6-3C32E18C8256", versionEndIncluding: "-", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*", matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*", matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*", matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*", matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*", matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*", matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*", matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*", matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*", matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*", matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*", matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*", matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*", matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*", matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*", matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*", matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*", matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*", matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.", }, { lang: "es", value: "Para los productos NVIDIA Quadro, NVS y GeForce, vulnerabilidades de ruta de servicio no citadas GFE GameStream y NVTray Plugin son ejemplos de la vulnerabilidad de ruta de servicio no citado en Windows. Una explotación exitosa de una instalación de servicio vulnerable puede habilitar código malicioso para ejecutar en el sistema en el nivel de privilegios sistema/usuario. La ID CVE-2016-5852 es para la ruta de servicio no citada NVTray Plugin.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/428.html\">CWE-428: Unquoted Search Path or Element</a>", id: "CVE-2016-5852", lastModified: "2024-11-21T02:55:08.420", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-08T20:59:05.787", references: [ { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "psirt@nvidia.com", url: "http://www.securityfocus.com/bid/93251", }, { source: "psirt@nvidia.com", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/93251", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:53
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@nvidia.com | http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | Patch, Vendor Advisory | |
psirt@nvidia.com | http://www.securityfocus.com/bid/93256 | Third Party Advisory, VDB Entry | |
psirt@nvidia.com | http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/ | Third Party Advisory | |
psirt@nvidia.com | https://support.lenovo.com/us/en/product_security/ps500070 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93256 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://support.lenovo.com/us/en/product_security/ps500070 | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "353E4EEB-07DE-4BD3-B094-768C6AF43ECC", versionEndExcluding: "341.96", versionStartIncluding: "340", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "E97EFE4C-6324-464B-9DCF-B41D78CBB610", versionEndExcluding: "354.99", versionStartIncluding: "352.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "06610350-44CB-41AE-B291-441EFC861C51", versionEndExcluding: "362.77", versionStartIncluding: "361", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "E21E09EF-9C01-4B7B-AD77-96055343E2D2", versionEndExcluding: "368.39", versionStartIncluding: "367", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*", matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*", matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*", matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*", matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*", matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*", matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*", matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*", matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*", matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*", matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*", matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*", matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*", matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*", matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*", matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*", matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*", matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*", matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.", }, { lang: "es", value: "Para los productos NVIDIA Quadro, NVS y GeForce, hay una denegación de servicio Remote Desktop. Una explotación exitosa de la vulnerabilidad del sistema tendría como resultado en un a referencia a puntero nulo del kernel, causando una caída de pantalla azul.", }, ], id: "CVE-2016-4959", lastModified: "2024-11-21T02:53:18.320", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-08T20:59:01.397", references: [ { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93256", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93256", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:53
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce_experience:-:*:*:*:*:*:*:*", matchCriteriaId: "4DC7A2F9-5F65-4203-B171-6109E61B5F2D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*", matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*", matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*", matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*", matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*", matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*", matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*", matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*", matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*", matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*", matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*", matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*", matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*", matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*", matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*", matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*", matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*", matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*", matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.", }, { lang: "es", value: "Para los productos NVIDIA Quadro, NVS y GeForce, el componente de servicio NVIDIA NVStreamKMS.sys está validando incorrectamente los datos suministrados por el usuario a través de sus puntos de entrada de la API lo que causa una elevación de privilegios.", }, ], id: "CVE-2016-4960", lastModified: "2024-11-21T02:53:18.470", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.3, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-08T20:59:02.567", references: [ { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "psirt@nvidia.com", url: "http://www.securityfocus.com/bid/93251", }, { source: "psirt@nvidia.com", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/93251", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:49
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*", matchCriteriaId: "F36E098A-0BCE-41CF-8AF6-3C32E18C8256", versionEndIncluding: "-", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*", matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*", matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*", matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*", matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*", matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*", matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*", matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*", matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*", matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*", matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*", matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*", matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*", matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*", matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*", matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*", matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*", matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*", matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.", }, { lang: "es", value: "Para los productos NVIDIA Quadro, NVS y GeForce, vulnerabilidades de ruta de servicio no citadas GFE GameStream y NVTray Plugin son ejemplos de la vulnerabilidad de ruta de servicio no citado en Windows. Una explotación exitosa de una instalación de servicio vulnerable puede habilitar código malicioso para ejecutarse en el sistema en el nivel de privilegios sistema/usuario. La ID CVE-2016-3161 es para la ruta de servicio no citada GameStream.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/428.html\">CWE-428: Unquoted Search Path or Element</a>", id: "CVE-2016-3161", lastModified: "2024-11-21T02:49:30.140", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-08T20:59:00.177", references: [ { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "psirt@nvidia.com", url: "http://www.securityfocus.com/bid/93251", }, { source: "psirt@nvidia.com", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/93251", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:57
Severity ?
Summary
For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@nvidia.com | http://nvidia.custhelp.com/app/answers/detail/a_id/4246 | Patch, Vendor Advisory | |
psirt@nvidia.com | http://nvidia.custhelp.com/app/answers/detail/a_id/4247 | Patch, Vendor Advisory | |
psirt@nvidia.com | http://www.securityfocus.com/bid/94177 | Third Party Advisory, VDB Entry | |
psirt@nvidia.com | https://support.lenovo.com/us/en/solutions/LEN-10822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://nvidia.custhelp.com/app/answers/detail/a_id/4246 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://nvidia.custhelp.com/app/answers/detail/a_id/4247 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94177 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://support.lenovo.com/us/en/solutions/LEN-10822 |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_driver:304.131:*:*:*:*:*:*:*", matchCriteriaId: "D39139B8-5709-4C8B-BEE8-CD4B70A4674E", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:340.98:*:*:*:*:*:*:*", matchCriteriaId: "3ABF20C2-69A3-4D04-970D-E88E0020DAD2", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:361.93.02:*:*:*:*:*:*:*", matchCriteriaId: "B4D2D3FF-A8F2-4279-96FC-26128A0437E9", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:367.44:*:*:*:*:*:*:*", matchCriteriaId: "2071AAEF-A450-4093-BFE9-BCC4055F23EF", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:367.54:*:*:*:*:*:*:*", matchCriteriaId: "8A2C1B6C-EEB7-4DA8-B638-CD47789DDB76", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:370.23:*:*:*:*:*:*:*", matchCriteriaId: "DC1FFE9B-3EE1-4450-BECB-B1FE91FF3F06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*", matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*", matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*", matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*", matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*", matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*", matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*", matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*", matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*", matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*", matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*", matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*", matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*", matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*", matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*", matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*", matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*", matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*", matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:telsa_k80:-:*:*:*:*:*:*:*", matchCriteriaId: "9DD67F88-6887-40E1-8484-27D3A9900150", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_c2050:-:*:*:*:*:*:*:*", matchCriteriaId: "A8BE0940-95D9-4EA3-B66B-471D87770679", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_c2070:-:*:*:*:*:*:*:*", matchCriteriaId: "DED2E138-85AB-4C3D-A2EE-2A82F5309932", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_c2075:-:*:*:*:*:*:*:*", matchCriteriaId: "2C2F6A51-E52E-424C-82AD-2276CEDAD23B", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_k10:-:*:*:*:*:*:*:*", matchCriteriaId: "824DB61D-A2BC-4E8D-B8BF-C3340A62345C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_k20:-:*:*:*:*:*:*:*", matchCriteriaId: "D6778EBC-CF3C-48A4-9F6A-037BA4B2A3EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_k20x:-:*:*:*:*:*:*:*", matchCriteriaId: "011ACD20-C0D6-4E19-AE60-50A4A155C925", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_k40:-:*:*:*:*:*:*:*", matchCriteriaId: "65E7F28C-8B7B-416A-88CC-970F5EBE36C2", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_k8:-:*:*:*:*:*:*:*", matchCriteriaId: "D16D559F-83A8-42CE-A22D-A6519C3F6F61", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_k80:-:*:*:*:*:*:*:*", matchCriteriaId: "CAD76737-522F-451E-8B93-B490C23E0517", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_m2050:-:*:*:*:*:*:*:*", matchCriteriaId: "8D69A7BF-4C1C-4A5A-BB98-1498BFE52B8F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_m2070:-:*:*:*:*:*:*:*", matchCriteriaId: "0F2544F6-397B-4B24-9809-B335481E43E4", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_m2075:-:*:*:*:*:*:*:*", matchCriteriaId: "47DFFCDD-1839-4613-AEA8-6AAD1E7B4DA9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_m2090:-:*:*:*:*:*:*:*", matchCriteriaId: "80733A92-049A-480D-A29B-0E0CD789093F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*", matchCriteriaId: "A6DDBF7C-C346-4515-AD0D-922E7E2F09E8", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*", matchCriteriaId: "2E92C2C2-1CF7-4531-B431-D67BF6049635", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*", matchCriteriaId: "44B63168-6671-4D31-A984-B0A0F71CB799", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*", matchCriteriaId: "6299665D-182A-4F2C-B451-1103B943CAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_p4:-:*:*:*:*:*:*:*", matchCriteriaId: "EDCAD45A-986C-42AE-80F6-728E9427187C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_p40:-:*:*:*:*:*:*:*", matchCriteriaId: "B4D9D634-1F0C-49A7-B680-24423CA6468E", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.", }, { lang: "es", value: "Para los productos NVIDIA Quadro, NVS, GeForce y Tesla, NVIDIA GPU Display Driver contiene una vulnerabilidad en el controlador de la capa de modo kernel (nvlddmkm.sys para Windows o nvidia.ko para Linux) donde una verificación de permisos perdida podría permitir a usuarios obtener acceso a memoria física arbitraria, conduciendo a una escalada de privilegios.", }, ], id: "CVE-2016-7382", lastModified: "2024-11-21T02:57:53.277", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-08T20:59:07.943", references: [ { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4246", }, { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94177", }, { source: "psirt@nvidia.com", url: "https://support.lenovo.com/us/en/solutions/LEN-10822", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4246", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94177", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/us/en/solutions/LEN-10822", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-275", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:53
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
References
▼ | URL | Tags | |
---|---|---|---|
psirt@nvidia.com | http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | Patch, Vendor Advisory | |
psirt@nvidia.com | http://www.securityfocus.com/bid/93251 | Third Party Advisory, VDB Entry | |
psirt@nvidia.com | https://support.lenovo.com/us/en/product_security/ps500070 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93251 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://support.lenovo.com/us/en/product_security/ps500070 | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "353E4EEB-07DE-4BD3-B094-768C6AF43ECC", versionEndExcluding: "341.96", versionStartIncluding: "340", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "E97EFE4C-6324-464B-9DCF-B41D78CBB610", versionEndExcluding: "354.99", versionStartIncluding: "352.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "06610350-44CB-41AE-B291-441EFC861C51", versionEndExcluding: "362.77", versionStartIncluding: "361", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "E21E09EF-9C01-4B7B-AD77-96055343E2D2", versionEndExcluding: "368.39", versionStartIncluding: "367", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*", matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*", matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*", matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*", matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*", matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*", matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*", matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*", matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*", matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*", matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*", matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*", matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*", matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*", matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*", matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*", matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*", matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*", matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.", }, { lang: "es", value: "Para los productos NVIDIA Quadro, NVS y GeForce, desinfección inadecuada de los párametros en la capa de soporte NVAPI provoca una vulnerabilidad de denegación de servicio (caída de pantalla azul) dentro de los controladores gráficos de NVIDIA Windows.", }, ], id: "CVE-2016-5025", lastModified: "2024-11-21T02:53:28.603", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 8.5, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 4.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-08T20:59:04.630", references: [ { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93251", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93251", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:53
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*", matchCriteriaId: "F36E098A-0BCE-41CF-8AF6-3C32E18C8256", versionEndIncluding: "-", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*", matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*", matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*", matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*", matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*", matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*", matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*", matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*", matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*", matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*", matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*", matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*", matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*", matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*", matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*", matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*", matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*", matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*", matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.", }, { lang: "es", value: "Para los productos NVIDIA Quadro, NVS y GeForce, desinfección inadecuada de los parámetros en la capa de la API NVStreamKMS.sys provoca una vulnerabilidad de denegación de servicio (caída de pantalla azul) dentro de los controladores de gráficos de NVIDIA Windows.", }, ], id: "CVE-2016-4961", lastModified: "2024-11-21T02:53:18.593", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-08T20:59:03.583", references: [ { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "psirt@nvidia.com", url: "http://www.securityfocus.com/bid/93251", }, { source: "psirt@nvidia.com", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/93251", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2016-3161
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-05 23:47
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.
References
▼ | URL | Tags |
---|---|---|
http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | x_refsource_CONFIRM | |
https://support.lenovo.com/us/en/product_security/ps500070 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/93251 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Quadro, NVS, GeForce (all versions) |
Version: Quadro, NVS, GeForce (all versions) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:47:57.469Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93251", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Quadro, NVS, GeForce (all versions)", vendor: "n/a", versions: [ { status: "affected", version: "Quadro, NVS, GeForce (all versions)", }, ], }, ], datePublic: "2016-11-08T00:00:00", descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privileges", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-13T17:57:01", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93251", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2016-3161", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Quadro, NVS, GeForce (all versions)", version: { version_data: [ { version_value: "Quadro, NVS, GeForce (all versions)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privileges", }, ], }, ], }, references: { reference_data: [ { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { name: "https://support.lenovo.com/us/en/product_security/ps500070", refsource: "CONFIRM", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", refsource: "BID", url: "http://www.securityfocus.com/bid/93251", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2016-3161", datePublished: "2016-11-08T20:37:00", dateReserved: "2016-03-15T00:00:00", dateUpdated: "2024-08-05T23:47:57.469Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-5025
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 00:46
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
References
▼ | URL | Tags |
---|---|---|
http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | x_refsource_CONFIRM | |
https://support.lenovo.com/us/en/product_security/ps500070 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/93251 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Quadro, NVS, GeForce (all versions) |
Version: Quadro, NVS, GeForce (all versions) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:46:40.221Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93251", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Quadro, NVS, GeForce (all versions)", vendor: "n/a", versions: [ { status: "affected", version: "Quadro, NVS, GeForce (all versions)", }, ], }, ], datePublic: "2016-11-08T00:00:00", descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-13T17:57:01", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93251", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2016-5025", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Quadro, NVS, GeForce (all versions)", version: { version_data: [ { version_value: "Quadro, NVS, GeForce (all versions)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { name: "https://support.lenovo.com/us/en/product_security/ps500070", refsource: "CONFIRM", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", refsource: "BID", url: "http://www.securityfocus.com/bid/93251", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2016-5025", datePublished: "2016-11-08T20:37:00", dateReserved: "2016-05-24T00:00:00", dateUpdated: "2024-08-06T00:46:40.221Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-4959
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 00:46
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.
References
▼ | URL | Tags |
---|---|---|
http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | x_refsource_CONFIRM | |
http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/ | x_refsource_MISC | |
http://www.securityfocus.com/bid/93256 | vdb-entry, x_refsource_BID | |
https://support.lenovo.com/us/en/product_security/ps500070 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Quadro, NVS, GeForce (all versions) |
Version: Quadro, NVS, GeForce (all versions) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:46:39.859Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/", }, { name: "93256", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93256", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Quadro, NVS, GeForce (all versions)", vendor: "n/a", versions: [ { status: "affected", version: "Quadro, NVS, GeForce (all versions)", }, ], }, ], datePublic: "2016-11-08T00:00:00", descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-13T17:57:01", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_MISC", ], url: "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/", }, { name: "93256", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93256", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2016-4959", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Quadro, NVS, GeForce (all versions)", version: { version_data: [ { version_value: "Quadro, NVS, GeForce (all versions)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { name: "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/", refsource: "MISC", url: "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/", }, { name: "93256", refsource: "BID", url: "http://www.securityfocus.com/bid/93256", }, { name: "https://support.lenovo.com/us/en/product_security/ps500070", refsource: "CONFIRM", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2016-4959", datePublished: "2016-11-08T20:37:00", dateReserved: "2016-05-23T00:00:00", dateUpdated: "2024-08-06T00:46:39.859Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-5852
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 01:15
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.
References
▼ | URL | Tags |
---|---|---|
http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | x_refsource_CONFIRM | |
https://support.lenovo.com/us/en/product_security/ps500070 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/93251 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Quadro, NVS, GeForce (all versions) |
Version: Quadro, NVS, GeForce (all versions) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:15:10.785Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93251", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Quadro, NVS, GeForce (all versions)", vendor: "n/a", versions: [ { status: "affected", version: "Quadro, NVS, GeForce (all versions)", }, ], }, ], datePublic: "2016-11-08T00:00:00", descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privileges", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-13T17:57:01", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93251", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2016-5852", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Quadro, NVS, GeForce (all versions)", version: { version_data: [ { version_value: "Quadro, NVS, GeForce (all versions)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privileges", }, ], }, ], }, references: { reference_data: [ { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { name: "https://support.lenovo.com/us/en/product_security/ps500070", refsource: "CONFIRM", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", refsource: "BID", url: "http://www.securityfocus.com/bid/93251", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2016-5852", datePublished: "2016-11-08T20:37:00", dateReserved: "2016-06-28T00:00:00", dateUpdated: "2024-08-06T01:15:10.785Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-4961
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 00:46
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
References
▼ | URL | Tags |
---|---|---|
http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | x_refsource_CONFIRM | |
https://support.lenovo.com/us/en/product_security/ps500070 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/93251 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Quadro, NVS, GeForce (all versions) |
Version: Quadro, NVS, GeForce (all versions) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:46:39.870Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93251", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Quadro, NVS, GeForce (all versions)", vendor: "n/a", versions: [ { status: "affected", version: "Quadro, NVS, GeForce (all versions)", }, ], }, ], datePublic: "2016-11-08T00:00:00", descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-13T17:57:01", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93251", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2016-4961", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Quadro, NVS, GeForce (all versions)", version: { version_data: [ { version_value: "Quadro, NVS, GeForce (all versions)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { name: "https://support.lenovo.com/us/en/product_security/ps500070", refsource: "CONFIRM", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", refsource: "BID", url: "http://www.securityfocus.com/bid/93251", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2016-4961", datePublished: "2016-11-08T20:37:00", dateReserved: "2016-05-23T00:00:00", dateUpdated: "2024-08-06T00:46:39.870Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-8812
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 02:35
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.
References
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/93986 | vdb-entry, x_refsource_BID | |
https://www.exploit-db.com/exploits/40660/ | exploit, x_refsource_EXPLOIT-DB | |
http://nvidia.custhelp.com/app/answers/detail/a_id/4247 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Quadro, NVS, and GeForce (all versions) |
Version: Quadro, NVS, and GeForce (all versions) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T02:35:01.168Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "93986", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93986", }, { name: "40660", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/40660/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Quadro, NVS, and GeForce (all versions)", vendor: "n/a", versions: [ { status: "affected", version: "Quadro, NVS, and GeForce (all versions)", }, ], }, ], datePublic: "2016-11-08T00:00:00", descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-02T09:57:01", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { name: "93986", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93986", }, { name: "40660", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/40660/", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2016-8812", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Quadro, NVS, and GeForce (all versions)", version: { version_data: [ { version_value: "Quadro, NVS, and GeForce (all versions)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "93986", refsource: "BID", url: "http://www.securityfocus.com/bid/93986", }, { name: "40660", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/40660/", }, { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2016-8812", datePublished: "2016-11-08T20:37:00", dateReserved: "2016-10-18T00:00:00", dateUpdated: "2024-08-06T02:35:01.168Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-4960
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 00:46
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.
References
▼ | URL | Tags |
---|---|---|
http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | x_refsource_CONFIRM | |
https://support.lenovo.com/us/en/product_security/ps500070 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/93251 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Quadro, NVS, GeForce (all versions) |
Version: Quadro, NVS, GeForce (all versions) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:46:39.887Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93251", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Quadro, NVS, GeForce (all versions)", vendor: "n/a", versions: [ { status: "affected", version: "Quadro, NVS, GeForce (all versions)", }, ], }, ], datePublic: "2016-11-08T00:00:00", descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privileges", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-13T17:57:01", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93251", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2016-4960", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Quadro, NVS, GeForce (all versions)", version: { version_data: [ { version_value: "Quadro, NVS, GeForce (all versions)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privileges", }, ], }, ], }, references: { reference_data: [ { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { name: "https://support.lenovo.com/us/en/product_security/ps500070", refsource: "CONFIRM", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", refsource: "BID", url: "http://www.securityfocus.com/bid/93251", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2016-4960", datePublished: "2016-11-08T20:37:00", dateReserved: "2016-05-23T00:00:00", dateUpdated: "2024-08-06T00:46:39.887Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-7382
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 01:57
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.
References
▼ | URL | Tags |
---|---|---|
https://support.lenovo.com/us/en/solutions/LEN-10822 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/94177 | vdb-entry, x_refsource_BID | |
http://nvidia.custhelp.com/app/answers/detail/a_id/4246 | x_refsource_CONFIRM | |
http://nvidia.custhelp.com/app/answers/detail/a_id/4247 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Quadro, NVS, GeForce, and Tesla (all versions) |
Version: Quadro, NVS, GeForce, and Tesla (all versions) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:57:47.082Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.lenovo.com/us/en/solutions/LEN-10822", }, { name: "94177", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/94177", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4246", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Quadro, NVS, GeForce, and Tesla (all versions)", vendor: "n/a", versions: [ { status: "affected", version: "Quadro, NVS, GeForce, and Tesla (all versions)", }, ], }, ], datePublic: "2016-11-08T00:00:00", descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.", }, ], problemTypes: [ { descriptions: [ { description: "Incorrect Access Control", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-01-18T21:57:01", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://support.lenovo.com/us/en/solutions/LEN-10822", }, { name: "94177", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/94177", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4246", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2016-7382", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Quadro, NVS, GeForce, and Tesla (all versions)", version: { version_data: [ { version_value: "Quadro, NVS, GeForce, and Tesla (all versions)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Incorrect Access Control", }, ], }, ], }, references: { reference_data: [ { name: "https://support.lenovo.com/us/en/solutions/LEN-10822", refsource: "CONFIRM", url: "https://support.lenovo.com/us/en/solutions/LEN-10822", }, { name: "94177", refsource: "BID", url: "http://www.securityfocus.com/bid/94177", }, { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4246", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4246", }, { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2016-7382", datePublished: "2016-11-08T20:37:00", dateReserved: "2016-09-09T00:00:00", dateUpdated: "2024-08-06T01:57:47.082Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }