Vulnerabilites related to nvidia - geforce_gtx_950m
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*", matchCriteriaId: "F36E098A-0BCE-41CF-8AF6-3C32E18C8256", versionEndIncluding: "-", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*", matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*", matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*", matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*", matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*", matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*", matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*", matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*", matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*", matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*", matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*", matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*", matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*", matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*", matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*", matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*", matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*", matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*", matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.", }, { lang: "es", value: "Para los productos NVIDIA Quadro, NVS y GeForce, desinfección inadecuada de los parámetros en la capa de la API NVStreamKMS.sys provoca una vulnerabilidad de denegación de servicio (caída de pantalla azul) dentro de los controladores de gráficos de NVIDIA Windows.", }, ], id: "CVE-2016-4961", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-08T20:59:03.583", references: [ { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "psirt@nvidia.com", url: "http://www.securityfocus.com/bid/93251", }, { source: "psirt@nvidia.com", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/93251", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce_experience:-:*:*:*:*:*:*:*", matchCriteriaId: "4DC7A2F9-5F65-4203-B171-6109E61B5F2D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*", matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*", matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*", matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*", matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*", matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*", matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*", matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*", matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*", matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*", matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*", matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*", matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*", matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*", matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*", matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*", matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*", matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*", matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.", }, { lang: "es", value: "Para los productos NVIDIA Quadro, NVS y GeForce, el componente de servicio NVIDIA NVStreamKMS.sys está validando incorrectamente los datos suministrados por el usuario a través de sus puntos de entrada de la API lo que causa una elevación de privilegios.", }, ], id: "CVE-2016-4960", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.3, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-08T20:59:02.567", references: [ { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "psirt@nvidia.com", url: "http://www.securityfocus.com/bid/93251", }, { source: "psirt@nvidia.com", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/93251", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*", matchCriteriaId: "F36E098A-0BCE-41CF-8AF6-3C32E18C8256", versionEndIncluding: "-", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*", matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*", matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*", matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*", matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*", matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*", matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*", matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*", matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*", matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*", matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*", matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*", matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*", matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*", matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*", matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*", matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*", matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*", matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.", }, { lang: "es", value: "Para los productos NVIDIA Quadro, NVS y GeForce, vulnerabilidades de ruta de servicio no citadas GFE GameStream y NVTray Plugin son ejemplos de la vulnerabilidad de ruta de servicio no citado en Windows. Una explotación exitosa de una instalación de servicio vulnerable puede habilitar código malicioso para ejecutar en el sistema en el nivel de privilegios sistema/usuario. La ID CVE-2016-5852 es para la ruta de servicio no citada NVTray Plugin.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/428.html\">CWE-428: Unquoted Search Path or Element</a>", id: "CVE-2016-5852", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-08T20:59:05.787", references: [ { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "psirt@nvidia.com", url: "http://www.securityfocus.com/bid/93251", }, { source: "psirt@nvidia.com", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/93251", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | Patch, Vendor Advisory | |
| psirt@nvidia.com | http://www.securityfocus.com/bid/93251 | Third Party Advisory, VDB Entry | |
| psirt@nvidia.com | https://support.lenovo.com/us/en/product_security/ps500070 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93251 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.lenovo.com/us/en/product_security/ps500070 | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "353E4EEB-07DE-4BD3-B094-768C6AF43ECC", versionEndExcluding: "341.96", versionStartIncluding: "340", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "E97EFE4C-6324-464B-9DCF-B41D78CBB610", versionEndExcluding: "354.99", versionStartIncluding: "352.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "06610350-44CB-41AE-B291-441EFC861C51", versionEndExcluding: "362.77", versionStartIncluding: "361", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "E21E09EF-9C01-4B7B-AD77-96055343E2D2", versionEndExcluding: "368.39", versionStartIncluding: "367", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*", matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*", matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*", matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*", matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*", matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*", matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*", matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*", matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*", matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*", matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*", matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*", matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*", matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*", matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*", matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*", matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*", matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*", matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.", }, { lang: "es", value: "Para los productos NVIDIA Quadro, NVS y GeForce, desinfección inadecuada de los párametros en la capa de soporte NVAPI provoca una vulnerabilidad de denegación de servicio (caída de pantalla azul) dentro de los controladores gráficos de NVIDIA Windows.", }, ], id: "CVE-2016-5025", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 8.5, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 4.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-08T20:59:04.630", references: [ { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93251", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93251", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | http://nvidia.custhelp.com/app/answers/detail/a_id/4247 | Patch, Vendor Advisory | |
| psirt@nvidia.com | http://www.securityfocus.com/bid/93986 | Third Party Advisory, VDB Entry | |
| psirt@nvidia.com | https://www.exploit-db.com/exploits/40660/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://nvidia.custhelp.com/app/answers/detail/a_id/4247 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93986 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/40660/ |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*", matchCriteriaId: "F36E098A-0BCE-41CF-8AF6-3C32E18C8256", versionEndIncluding: "-", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*", matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*", matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*", matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*", matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*", matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*", matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*", matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*", matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*", matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*", matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*", matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*", matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*", matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*", matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*", matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*", matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*", matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*", matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.", }, { lang: "es", value: "Para los productos NVIDIA Quadro, NVS y GeForce, NVIDIA Windows GPU Display Driver R340 before 342.00, R367 before 369.59, and R375 en versiones anteriores a 375.63 contiene una vulnerabilidad en el controlador de la capa de modo kernel (nvlddmkm.sys) para DxgDdiEscape ID 0x7000014 donde un valor pasado de un usuario al controlador es utilizado sin validación como el índice de una matriz interna, conduciendo a una denegación de servicio o potencial escalada de privilegios.", }, ], id: "CVE-2016-8812", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-08T20:59:25.850", references: [ { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93986", }, { source: "psirt@nvidia.com", url: "https://www.exploit-db.com/exploits/40660/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.exploit-db.com/exploits/40660/", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | http://nvidia.custhelp.com/app/answers/detail/a_id/4246 | Patch, Vendor Advisory | |
| psirt@nvidia.com | http://nvidia.custhelp.com/app/answers/detail/a_id/4247 | Patch, Vendor Advisory | |
| psirt@nvidia.com | http://www.securityfocus.com/bid/94177 | Third Party Advisory, VDB Entry | |
| psirt@nvidia.com | https://support.lenovo.com/us/en/solutions/LEN-10822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://nvidia.custhelp.com/app/answers/detail/a_id/4246 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://nvidia.custhelp.com/app/answers/detail/a_id/4247 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94177 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.lenovo.com/us/en/solutions/LEN-10822 |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_driver:304.131:*:*:*:*:*:*:*", matchCriteriaId: "D39139B8-5709-4C8B-BEE8-CD4B70A4674E", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:340.98:*:*:*:*:*:*:*", matchCriteriaId: "3ABF20C2-69A3-4D04-970D-E88E0020DAD2", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:361.93.02:*:*:*:*:*:*:*", matchCriteriaId: "B4D2D3FF-A8F2-4279-96FC-26128A0437E9", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:367.44:*:*:*:*:*:*:*", matchCriteriaId: "2071AAEF-A450-4093-BFE9-BCC4055F23EF", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:367.54:*:*:*:*:*:*:*", matchCriteriaId: "8A2C1B6C-EEB7-4DA8-B638-CD47789DDB76", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:370.23:*:*:*:*:*:*:*", matchCriteriaId: "DC1FFE9B-3EE1-4450-BECB-B1FE91FF3F06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*", matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*", matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*", matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*", matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*", matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*", matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*", matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*", matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*", matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*", matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*", matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*", matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*", matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*", matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*", matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*", matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*", matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*", matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:telsa_k80:-:*:*:*:*:*:*:*", matchCriteriaId: "9DD67F88-6887-40E1-8484-27D3A9900150", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_c2050:-:*:*:*:*:*:*:*", matchCriteriaId: "A8BE0940-95D9-4EA3-B66B-471D87770679", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_c2070:-:*:*:*:*:*:*:*", matchCriteriaId: "DED2E138-85AB-4C3D-A2EE-2A82F5309932", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_c2075:-:*:*:*:*:*:*:*", matchCriteriaId: "2C2F6A51-E52E-424C-82AD-2276CEDAD23B", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_k10:-:*:*:*:*:*:*:*", matchCriteriaId: "824DB61D-A2BC-4E8D-B8BF-C3340A62345C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_k20:-:*:*:*:*:*:*:*", matchCriteriaId: "D6778EBC-CF3C-48A4-9F6A-037BA4B2A3EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_k20x:-:*:*:*:*:*:*:*", matchCriteriaId: "011ACD20-C0D6-4E19-AE60-50A4A155C925", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_k40:-:*:*:*:*:*:*:*", matchCriteriaId: "65E7F28C-8B7B-416A-88CC-970F5EBE36C2", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_k8:-:*:*:*:*:*:*:*", matchCriteriaId: "D16D559F-83A8-42CE-A22D-A6519C3F6F61", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_k80:-:*:*:*:*:*:*:*", matchCriteriaId: "CAD76737-522F-451E-8B93-B490C23E0517", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_m2050:-:*:*:*:*:*:*:*", matchCriteriaId: "8D69A7BF-4C1C-4A5A-BB98-1498BFE52B8F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_m2070:-:*:*:*:*:*:*:*", matchCriteriaId: "0F2544F6-397B-4B24-9809-B335481E43E4", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_m2075:-:*:*:*:*:*:*:*", matchCriteriaId: "47DFFCDD-1839-4613-AEA8-6AAD1E7B4DA9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_m2090:-:*:*:*:*:*:*:*", matchCriteriaId: "80733A92-049A-480D-A29B-0E0CD789093F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*", matchCriteriaId: "A6DDBF7C-C346-4515-AD0D-922E7E2F09E8", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*", matchCriteriaId: "2E92C2C2-1CF7-4531-B431-D67BF6049635", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*", matchCriteriaId: "44B63168-6671-4D31-A984-B0A0F71CB799", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*", matchCriteriaId: "6299665D-182A-4F2C-B451-1103B943CAE2", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_p4:-:*:*:*:*:*:*:*", matchCriteriaId: "EDCAD45A-986C-42AE-80F6-728E9427187C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:tesla_p40:-:*:*:*:*:*:*:*", matchCriteriaId: "B4D9D634-1F0C-49A7-B680-24423CA6468E", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.", }, { lang: "es", value: "Para los productos NVIDIA Quadro, NVS, GeForce y Tesla, NVIDIA GPU Display Driver contiene una vulnerabilidad en el controlador de la capa de modo kernel (nvlddmkm.sys para Windows o nvidia.ko para Linux) donde una verificación de permisos perdida podría permitir a usuarios obtener acceso a memoria física arbitraria, conduciendo a una escalada de privilegios.", }, ], id: "CVE-2016-7382", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-08T20:59:07.943", references: [ { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4246", }, { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94177", }, { source: "psirt@nvidia.com", url: "https://support.lenovo.com/us/en/solutions/LEN-10822", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4246", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94177", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/us/en/solutions/LEN-10822", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-275", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*", matchCriteriaId: "F36E098A-0BCE-41CF-8AF6-3C32E18C8256", versionEndIncluding: "-", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*", matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*", matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*", matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*", matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*", matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*", matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*", matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*", matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*", matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*", matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*", matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*", matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*", matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*", matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*", matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*", matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*", matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*", matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.", }, { lang: "es", value: "Para los productos NVIDIA Quadro, NVS y GeForce, vulnerabilidades de ruta de servicio no citadas GFE GameStream y NVTray Plugin son ejemplos de la vulnerabilidad de ruta de servicio no citado en Windows. Una explotación exitosa de una instalación de servicio vulnerable puede habilitar código malicioso para ejecutarse en el sistema en el nivel de privilegios sistema/usuario. La ID CVE-2016-3161 es para la ruta de servicio no citada GameStream.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/428.html\">CWE-428: Unquoted Search Path or Element</a>", id: "CVE-2016-3161", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-08T20:59:00.177", references: [ { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "psirt@nvidia.com", url: "http://www.securityfocus.com/bid/93251", }, { source: "psirt@nvidia.com", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/93251", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-04-01 21:30
Modified
2024-11-21 04:06
Severity ?
Summary
A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| talos-cna@cisco.com | https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647 | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:geforce_gtx_745_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4B0B0969-F14F-42AD-9F69-1C4460C0CB83", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_gtx_745:-:*:*:*:*:*:*:*", matchCriteriaId: "8E733A3A-347E-4147-89AE-9EEC9B4DB787", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:geforce_gtx_750_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "607AAFC6-E6EC-40A0-B4B0-CCBE11B4EB6C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_gtx_750:-:*:*:*:*:*:*:*", matchCriteriaId: "EDC42D37-5DDE-4545-A4B9-7701749C0982", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:geforce_gtx_750_ti_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F2EE2000-3576-4717-B64C-0C68F4021385", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "7F2F1B32-CFEE-4417-843D-880302E4D6FF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:geforce_gtx_840m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F5270F3F-8395-4477-95A0-6CB616B29774", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_gtx_840m:-:*:*:*:*:*:*:*", matchCriteriaId: "7496DD40-8A3C-4098-A377-F566FD2865BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:geforce_gtx_845m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "80471038-63CD-4CAF-9D6B-AD9FBDFDC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_gtx_845m:-:*:*:*:*:*:*:*", matchCriteriaId: "D3AFBA8C-3D83-4C8E-AB22-A81EB20C012D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:geforce_gtx_850m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1F05EFC5-92F0-4F0F-B757-C4ECDD1F734C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_gtx_850m:-:*:*:*:*:*:*:*", matchCriteriaId: "3EFFC1A6-DD6B-4EA7-AB3C-3E7809C9DDD5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:geforce_gtx_860m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E8828EFE-D892-42CC-A541-B51C64289501", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_gtx_860m:-:*:*:*:*:*:*:*", matchCriteriaId: "6F6946F0-392C-4126-B6AA-B096526C700F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:geforce_gtx_950m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "82F295A3-3467-4765-AE4E-8C2EE79BEBB6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*", matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:geforce_gtx_960m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D3C8135B-FAA2-464D-B82F-F83F1BDB68EB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*", matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:quadro_k620_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A5FD140A-A0AB-4D2C-970D-6E203C15ED4D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*", matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:quadro_k1200_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8894ED9A-9F9C-46BA-8131-90296C9162B8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*", matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:quadro_k2200_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "39977D40-14D6-4260-ACA8-2129614C397D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:quadro_k2200:-:*:*:*:*:*:*:*", matchCriteriaId: "2BC6A4C2-101A-4C8B-AD0F-3423CAB372A1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:quadro_m1000m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7350569F-FA36-4BBC-BA10-4689B01FEE69", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:quadro_m1200m_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B7B98AAC-0C1A-43E2-83DD-549D36159849", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:quadro_m1200m:-:*:*:*:*:*:*:*", matchCriteriaId: "42C16B00-58D1-4D09-8547-D83E1351D9AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:grid_m30_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "33F00F2D-CF5F-4B36-AC9E-09B8EF350FC6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:grid_m30:-:*:*:*:*:*:*:*", matchCriteriaId: "E7F50616-3A42-4379-81ED-ED40639AC8AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:grid_m40_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3113B911-40B0-4BAE-A8B5-A02383BCF754", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:grid_m40:-:*:*:*:*:*:*:*", matchCriteriaId: "FCEF4E50-B311-4AB0-9A34-E34D854BDF0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload).", }, { lang: "es", value: "Existe una vulnerabilidad de denegación de servicio (DoS) remota en la manera en la que el controlador Nouveau Display (el controlador de visualización de Ubuntu Nvidia por defecto) gestiona la ejecución del shader de la GPU. Un shader de píxeles especialmente manipulado puede provocar fallos de denegación de servicio (DoS) remota. Un atacante puede proporcionar una imagen especialmente manipulada para desencadenar esta vulnerabilidad. Esta vulnerabilidad puede desencadenarse de manera remota después de que el usuario visita un sitio web mal formado. No se requiere otra interacción del usuario. Las versiones vulnerables incluyen la 18.04 LTS de Ubuntu (linux 4.15.0-29-generic x86_64) y la NV117 del controlador Nouveau Display (vermagic: 4.15.0-29-generic SMP mod_unload).", }, ], id: "CVE-2018-3979", lastModified: "2024-11-21T04:06:25.557", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 4, source: "talos-cna@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-04-01T21:30:43.110", references: [ { source: "talos-cna@cisco.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647", }, ], sourceIdentifier: "talos-cna@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | Patch, Vendor Advisory | |
| psirt@nvidia.com | http://www.securityfocus.com/bid/93256 | Third Party Advisory, VDB Entry | |
| psirt@nvidia.com | http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/ | Third Party Advisory | |
| psirt@nvidia.com | https://support.lenovo.com/us/en/product_security/ps500070 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93256 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.lenovo.com/us/en/product_security/ps500070 | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "353E4EEB-07DE-4BD3-B094-768C6AF43ECC", versionEndExcluding: "341.96", versionStartIncluding: "340", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "E97EFE4C-6324-464B-9DCF-B41D78CBB610", versionEndExcluding: "354.99", versionStartIncluding: "352.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "06610350-44CB-41AE-B291-441EFC861C51", versionEndExcluding: "362.77", versionStartIncluding: "361", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "E21E09EF-9C01-4B7B-AD77-96055343E2D2", versionEndExcluding: "368.39", versionStartIncluding: "367", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*", matchCriteriaId: "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*", matchCriteriaId: "26641568-53CE-4606-B2CA-C25A97795A50", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*", matchCriteriaId: "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*", matchCriteriaId: "05A831E4-1119-45F0-B9A0-4D948ECD47E6", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*", matchCriteriaId: "1F50D6AC-3D1E-4E54-8422-B717456F6257", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*", matchCriteriaId: "03CBD29C-A606-45DE-B2FB-8572B986A4F0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*", matchCriteriaId: "44BF5DC1-4609-4F34-9511-785F7B119ADE", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*", matchCriteriaId: "3724F083-A7FC-4069-AC35-FB8AA08B6CCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*", matchCriteriaId: "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*", matchCriteriaId: "3EAB33B6-E270-4C11-8E57-2BE127C86134", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*", matchCriteriaId: "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*", matchCriteriaId: "2B376C04-8A35-42E7-8937-1A466E89639A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*", matchCriteriaId: "F13EE983-724F-472B-BCF5-B416D1DF27E1", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*", matchCriteriaId: "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*", matchCriteriaId: "41B48700-10AB-4194-94BC-D0F177D0B56A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*", matchCriteriaId: "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*", matchCriteriaId: "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*", matchCriteriaId: "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.", }, { lang: "es", value: "Para los productos NVIDIA Quadro, NVS y GeForce, hay una denegación de servicio Remote Desktop. Una explotación exitosa de la vulnerabilidad del sistema tendría como resultado en un a referencia a puntero nulo del kernel, causando una caída de pantalla azul.", }, ], id: "CVE-2016-4959", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-08T20:59:01.397", references: [ { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93256", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93256", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
CVE-2016-4960 (GCVE-0-2016-4960)
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 00:46
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.
References
| ▼ | URL | Tags |
|---|---|---|
| http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | x_refsource_CONFIRM | |
| https://support.lenovo.com/us/en/product_security/ps500070 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/93251 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Quadro, NVS, GeForce (all versions) |
Version: Quadro, NVS, GeForce (all versions) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:46:39.887Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93251", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Quadro, NVS, GeForce (all versions)", vendor: "n/a", versions: [ { status: "affected", version: "Quadro, NVS, GeForce (all versions)", }, ], }, ], datePublic: "2016-11-08T00:00:00", descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privileges", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-13T17:57:01", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93251", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2016-4960", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Quadro, NVS, GeForce (all versions)", version: { version_data: [ { version_value: "Quadro, NVS, GeForce (all versions)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privileges", }, ], }, ], }, references: { reference_data: [ { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { name: "https://support.lenovo.com/us/en/product_security/ps500070", refsource: "CONFIRM", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", refsource: "BID", url: "http://www.securityfocus.com/bid/93251", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2016-4960", datePublished: "2016-11-08T20:37:00", dateReserved: "2016-05-23T00:00:00", dateUpdated: "2024-08-06T00:46:39.887Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-8812 (GCVE-0-2016-8812)
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 02:35
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/93986 | vdb-entry, x_refsource_BID | |
| https://www.exploit-db.com/exploits/40660/ | exploit, x_refsource_EXPLOIT-DB | |
| http://nvidia.custhelp.com/app/answers/detail/a_id/4247 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Quadro, NVS, and GeForce (all versions) |
Version: Quadro, NVS, and GeForce (all versions) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T02:35:01.168Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "93986", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93986", }, { name: "40660", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/40660/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Quadro, NVS, and GeForce (all versions)", vendor: "n/a", versions: [ { status: "affected", version: "Quadro, NVS, and GeForce (all versions)", }, ], }, ], datePublic: "2016-11-08T00:00:00", descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-02T09:57:01", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { name: "93986", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93986", }, { name: "40660", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/40660/", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2016-8812", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Quadro, NVS, and GeForce (all versions)", version: { version_data: [ { version_value: "Quadro, NVS, and GeForce (all versions)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "93986", refsource: "BID", url: "http://www.securityfocus.com/bid/93986", }, { name: "40660", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/40660/", }, { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2016-8812", datePublished: "2016-11-08T20:37:00", dateReserved: "2016-10-18T00:00:00", dateUpdated: "2024-08-06T02:35:01.168Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-7382 (GCVE-0-2016-7382)
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 01:57
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.lenovo.com/us/en/solutions/LEN-10822 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/94177 | vdb-entry, x_refsource_BID | |
| http://nvidia.custhelp.com/app/answers/detail/a_id/4246 | x_refsource_CONFIRM | |
| http://nvidia.custhelp.com/app/answers/detail/a_id/4247 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Quadro, NVS, GeForce, and Tesla (all versions) |
Version: Quadro, NVS, GeForce, and Tesla (all versions) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:57:47.082Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.lenovo.com/us/en/solutions/LEN-10822", }, { name: "94177", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/94177", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4246", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Quadro, NVS, GeForce, and Tesla (all versions)", vendor: "n/a", versions: [ { status: "affected", version: "Quadro, NVS, GeForce, and Tesla (all versions)", }, ], }, ], datePublic: "2016-11-08T00:00:00", descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.", }, ], problemTypes: [ { descriptions: [ { description: "Incorrect Access Control", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-01-18T21:57:01", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://support.lenovo.com/us/en/solutions/LEN-10822", }, { name: "94177", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/94177", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4246", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2016-7382", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Quadro, NVS, GeForce, and Tesla (all versions)", version: { version_data: [ { version_value: "Quadro, NVS, GeForce, and Tesla (all versions)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Incorrect Access Control", }, ], }, ], }, references: { reference_data: [ { name: "https://support.lenovo.com/us/en/solutions/LEN-10822", refsource: "CONFIRM", url: "https://support.lenovo.com/us/en/solutions/LEN-10822", }, { name: "94177", refsource: "BID", url: "http://www.securityfocus.com/bid/94177", }, { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4246", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4246", }, { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2016-7382", datePublished: "2016-11-08T20:37:00", dateReserved: "2016-09-09T00:00:00", dateUpdated: "2024-08-06T01:57:47.082Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-5852 (GCVE-0-2016-5852)
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 01:15
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.
References
| ▼ | URL | Tags |
|---|---|---|
| http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | x_refsource_CONFIRM | |
| https://support.lenovo.com/us/en/product_security/ps500070 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/93251 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Quadro, NVS, GeForce (all versions) |
Version: Quadro, NVS, GeForce (all versions) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:15:10.785Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93251", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Quadro, NVS, GeForce (all versions)", vendor: "n/a", versions: [ { status: "affected", version: "Quadro, NVS, GeForce (all versions)", }, ], }, ], datePublic: "2016-11-08T00:00:00", descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privileges", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-13T17:57:01", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93251", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2016-5852", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Quadro, NVS, GeForce (all versions)", version: { version_data: [ { version_value: "Quadro, NVS, GeForce (all versions)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privileges", }, ], }, ], }, references: { reference_data: [ { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { name: "https://support.lenovo.com/us/en/product_security/ps500070", refsource: "CONFIRM", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", refsource: "BID", url: "http://www.securityfocus.com/bid/93251", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2016-5852", datePublished: "2016-11-08T20:37:00", dateReserved: "2016-06-28T00:00:00", dateUpdated: "2024-08-06T01:15:10.785Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-4961 (GCVE-0-2016-4961)
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 00:46
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
References
| ▼ | URL | Tags |
|---|---|---|
| http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | x_refsource_CONFIRM | |
| https://support.lenovo.com/us/en/product_security/ps500070 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/93251 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Quadro, NVS, GeForce (all versions) |
Version: Quadro, NVS, GeForce (all versions) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:46:39.870Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93251", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Quadro, NVS, GeForce (all versions)", vendor: "n/a", versions: [ { status: "affected", version: "Quadro, NVS, GeForce (all versions)", }, ], }, ], datePublic: "2016-11-08T00:00:00", descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-13T17:57:01", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93251", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2016-4961", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Quadro, NVS, GeForce (all versions)", version: { version_data: [ { version_value: "Quadro, NVS, GeForce (all versions)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { name: "https://support.lenovo.com/us/en/product_security/ps500070", refsource: "CONFIRM", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", refsource: "BID", url: "http://www.securityfocus.com/bid/93251", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2016-4961", datePublished: "2016-11-08T20:37:00", dateReserved: "2016-05-23T00:00:00", dateUpdated: "2024-08-06T00:46:39.870Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-5025 (GCVE-0-2016-5025)
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 00:46
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
References
| ▼ | URL | Tags |
|---|---|---|
| http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | x_refsource_CONFIRM | |
| https://support.lenovo.com/us/en/product_security/ps500070 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/93251 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Quadro, NVS, GeForce (all versions) |
Version: Quadro, NVS, GeForce (all versions) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:46:40.221Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93251", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Quadro, NVS, GeForce (all versions)", vendor: "n/a", versions: [ { status: "affected", version: "Quadro, NVS, GeForce (all versions)", }, ], }, ], datePublic: "2016-11-08T00:00:00", descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-13T17:57:01", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93251", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2016-5025", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Quadro, NVS, GeForce (all versions)", version: { version_data: [ { version_value: "Quadro, NVS, GeForce (all versions)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { name: "https://support.lenovo.com/us/en/product_security/ps500070", refsource: "CONFIRM", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", refsource: "BID", url: "http://www.securityfocus.com/bid/93251", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2016-5025", datePublished: "2016-11-08T20:37:00", dateReserved: "2016-05-24T00:00:00", dateUpdated: "2024-08-06T00:46:40.221Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-3161 (GCVE-0-2016-3161)
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-05 23:47
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.
References
| ▼ | URL | Tags |
|---|---|---|
| http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | x_refsource_CONFIRM | |
| https://support.lenovo.com/us/en/product_security/ps500070 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/93251 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Quadro, NVS, GeForce (all versions) |
Version: Quadro, NVS, GeForce (all versions) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:47:57.469Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93251", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Quadro, NVS, GeForce (all versions)", vendor: "n/a", versions: [ { status: "affected", version: "Quadro, NVS, GeForce (all versions)", }, ], }, ], datePublic: "2016-11-08T00:00:00", descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privileges", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-13T17:57:01", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93251", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2016-3161", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Quadro, NVS, GeForce (all versions)", version: { version_data: [ { version_value: "Quadro, NVS, GeForce (all versions)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privileges", }, ], }, ], }, references: { reference_data: [ { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { name: "https://support.lenovo.com/us/en/product_security/ps500070", refsource: "CONFIRM", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, { name: "93251", refsource: "BID", url: "http://www.securityfocus.com/bid/93251", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2016-3161", datePublished: "2016-11-08T20:37:00", dateReserved: "2016-03-15T00:00:00", dateUpdated: "2024-08-05T23:47:57.469Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-4959 (GCVE-0-2016-4959)
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 00:46
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.
References
| ▼ | URL | Tags |
|---|---|---|
| http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | x_refsource_CONFIRM | |
| http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/ | x_refsource_MISC | |
| http://www.securityfocus.com/bid/93256 | vdb-entry, x_refsource_BID | |
| https://support.lenovo.com/us/en/product_security/ps500070 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Quadro, NVS, GeForce (all versions) |
Version: Quadro, NVS, GeForce (all versions) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:46:39.859Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/", }, { name: "93256", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93256", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Quadro, NVS, GeForce (all versions)", vendor: "n/a", versions: [ { status: "affected", version: "Quadro, NVS, GeForce (all versions)", }, ], }, ], datePublic: "2016-11-08T00:00:00", descriptions: [ { lang: "en", value: "For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-13T17:57:01", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { tags: [ "x_refsource_MISC", ], url: "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/", }, { name: "93256", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93256", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.lenovo.com/us/en/product_security/ps500070", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2016-4959", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Quadro, NVS, GeForce (all versions)", version: { version_data: [ { version_value: "Quadro, NVS, GeForce (all versions)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4213", }, { name: "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/", refsource: "MISC", url: "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/", }, { name: "93256", refsource: "BID", url: "http://www.securityfocus.com/bid/93256", }, { name: "https://support.lenovo.com/us/en/product_security/ps500070", refsource: "CONFIRM", url: "https://support.lenovo.com/us/en/product_security/ps500070", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2016-4959", datePublished: "2016-11-08T20:37:00", dateReserved: "2016-05-23T00:00:00", dateUpdated: "2024-08-06T00:46:39.859Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-3979 (GCVE-0-2018-3979)
Vulnerability from cvelistv5
Published
2019-04-01 20:10
Modified
2024-08-05 04:57
Severity ?
EPSS score ?
Summary
A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload).
References
| ▼ | URL | Tags |
|---|---|---|
| https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647 | x_refsource_CONFIRM |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T04:57:24.572Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Nouveau", vendor: "Nouveau", versions: [ { status: "affected", version: "Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64)", }, { status: "affected", version: "Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload)", }, ], }, ], datePublic: "2019-03-26T00:00:00", descriptions: [ { lang: "en", value: "A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload).", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-19T18:07:24", orgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", shortName: "talos", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "talos-cna@cisco.com", ID: "CVE-2018-3979", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Nouveau", version: { version_data: [ { version_value: "Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64)", }, { version_value: "Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload)", }, ], }, }, ], }, vendor_name: "Nouveau", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload).", }, ], }, impact: { cvss: { baseScore: 7.4, baseSeverity: "High", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647", refsource: "CONFIRM", url: "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", assignerShortName: "talos", cveId: "CVE-2018-3979", datePublished: "2019-04-01T20:10:28", dateReserved: "2018-01-02T00:00:00", dateUpdated: "2024-08-05T04:57:24.572Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }