All the vulnerabilites related to nvidia - geforce_gtx_950m
cve-2016-4959
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 00:46
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.
References
| ▼ | URL | Tags |
|---|---|---|
| http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | x_refsource_CONFIRM | |
| http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/ | x_refsource_MISC | |
| http://www.securityfocus.com/bid/93256 | vdb-entry, x_refsource_BID | |
| https://support.lenovo.com/us/en/product_security/ps500070 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Quadro, NVS, GeForce (all versions) |
Version: Quadro, NVS, GeForce (all versions) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:39.859Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/"
},
{
"name": "93256",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93256"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Quadro, NVS, GeForce (all versions)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Quadro, NVS, GeForce (all versions)"
}
]
}
],
"datePublic": "2016-11-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-13T17:57:01",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/"
},
{
"name": "93256",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93256"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2016-4959",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Quadro, NVS, GeForce (all versions)",
"version": {
"version_data": [
{
"version_value": "Quadro, NVS, GeForce (all versions)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"name": "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/",
"refsource": "MISC",
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/"
},
{
"name": "93256",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93256"
},
{
"name": "https://support.lenovo.com/us/en/product_security/ps500070",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2016-4959",
"datePublished": "2016-11-08T20:37:00",
"dateReserved": "2016-05-23T00:00:00",
"dateUpdated": "2024-08-06T00:46:39.859Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-3979
Vulnerability from cvelistv5
Published
2019-04-01 20:10
Modified
2024-08-05 04:57
Severity ?
EPSS score ?
Summary
A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload).
References
| ▼ | URL | Tags |
|---|---|---|
| https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647 | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:57:24.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Nouveau",
"vendor": "Nouveau",
"versions": [
{
"status": "affected",
"version": "Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64)"
},
{
"status": "affected",
"version": "Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload)"
}
]
}
],
"datePublic": "2019-03-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload)."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T18:07:24",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2018-3979",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Nouveau",
"version": {
"version_data": [
{
"version_value": "Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64)"
},
{
"version_value": "Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload)"
}
]
}
}
]
},
"vendor_name": "Nouveau"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload)."
}
]
},
"impact": {
"cvss": {
"baseScore": 7.4,
"baseSeverity": "High",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647",
"refsource": "CONFIRM",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2018-3979",
"datePublished": "2019-04-01T20:10:28",
"dateReserved": "2018-01-02T00:00:00",
"dateUpdated": "2024-08-05T04:57:24.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-4960
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 00:46
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.
References
| ▼ | URL | Tags |
|---|---|---|
| http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | x_refsource_CONFIRM | |
| https://support.lenovo.com/us/en/product_security/ps500070 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/93251 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Quadro, NVS, GeForce (all versions) |
Version: Quadro, NVS, GeForce (all versions) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:39.887Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"name": "93251",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93251"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Quadro, NVS, GeForce (all versions)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Quadro, NVS, GeForce (all versions)"
}
]
}
],
"datePublic": "2016-11-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-13T17:57:01",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"name": "93251",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93251"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2016-4960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Quadro, NVS, GeForce (all versions)",
"version": {
"version_data": [
{
"version_value": "Quadro, NVS, GeForce (all versions)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"name": "https://support.lenovo.com/us/en/product_security/ps500070",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"name": "93251",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93251"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2016-4960",
"datePublished": "2016-11-08T20:37:00",
"dateReserved": "2016-05-23T00:00:00",
"dateUpdated": "2024-08-06T00:46:39.887Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-5025
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 00:46
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
References
| ▼ | URL | Tags |
|---|---|---|
| http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | x_refsource_CONFIRM | |
| https://support.lenovo.com/us/en/product_security/ps500070 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/93251 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Quadro, NVS, GeForce (all versions) |
Version: Quadro, NVS, GeForce (all versions) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"name": "93251",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93251"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Quadro, NVS, GeForce (all versions)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Quadro, NVS, GeForce (all versions)"
}
]
}
],
"datePublic": "2016-11-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-13T17:57:01",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"name": "93251",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93251"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2016-5025",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Quadro, NVS, GeForce (all versions)",
"version": {
"version_data": [
{
"version_value": "Quadro, NVS, GeForce (all versions)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"name": "https://support.lenovo.com/us/en/product_security/ps500070",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"name": "93251",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93251"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2016-5025",
"datePublished": "2016-11-08T20:37:00",
"dateReserved": "2016-05-24T00:00:00",
"dateUpdated": "2024-08-06T00:46:40.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-4961
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 00:46
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
References
| ▼ | URL | Tags |
|---|---|---|
| http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | x_refsource_CONFIRM | |
| https://support.lenovo.com/us/en/product_security/ps500070 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/93251 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Quadro, NVS, GeForce (all versions) |
Version: Quadro, NVS, GeForce (all versions) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:39.870Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"name": "93251",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93251"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Quadro, NVS, GeForce (all versions)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Quadro, NVS, GeForce (all versions)"
}
]
}
],
"datePublic": "2016-11-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-13T17:57:01",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"name": "93251",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93251"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2016-4961",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Quadro, NVS, GeForce (all versions)",
"version": {
"version_data": [
{
"version_value": "Quadro, NVS, GeForce (all versions)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"name": "https://support.lenovo.com/us/en/product_security/ps500070",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"name": "93251",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93251"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2016-4961",
"datePublished": "2016-11-08T20:37:00",
"dateReserved": "2016-05-23T00:00:00",
"dateUpdated": "2024-08-06T00:46:39.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-8812
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 02:35
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/93986 | vdb-entry, x_refsource_BID | |
| https://www.exploit-db.com/exploits/40660/ | exploit, x_refsource_EXPLOIT-DB | |
| http://nvidia.custhelp.com/app/answers/detail/a_id/4247 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Quadro, NVS, and GeForce (all versions) |
Version: Quadro, NVS, and GeForce (all versions) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:35:01.168Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "93986",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93986"
},
{
"name": "40660",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40660/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4247"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Quadro, NVS, and GeForce (all versions)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Quadro, NVS, and GeForce (all versions)"
}
]
}
],
"datePublic": "2016-11-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"name": "93986",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93986"
},
{
"name": "40660",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40660/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4247"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2016-8812",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Quadro, NVS, and GeForce (all versions)",
"version": {
"version_data": [
{
"version_value": "Quadro, NVS, and GeForce (all versions)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93986",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93986"
},
{
"name": "40660",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40660/"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4247",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4247"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2016-8812",
"datePublished": "2016-11-08T20:37:00",
"dateReserved": "2016-10-18T00:00:00",
"dateUpdated": "2024-08-06T02:35:01.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-3161
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-05 23:47
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.
References
| ▼ | URL | Tags |
|---|---|---|
| http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | x_refsource_CONFIRM | |
| https://support.lenovo.com/us/en/product_security/ps500070 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/93251 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Quadro, NVS, GeForce (all versions) |
Version: Quadro, NVS, GeForce (all versions) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:47:57.469Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"name": "93251",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93251"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Quadro, NVS, GeForce (all versions)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Quadro, NVS, GeForce (all versions)"
}
]
}
],
"datePublic": "2016-11-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-13T17:57:01",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"name": "93251",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93251"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2016-3161",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Quadro, NVS, GeForce (all versions)",
"version": {
"version_data": [
{
"version_value": "Quadro, NVS, GeForce (all versions)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"name": "https://support.lenovo.com/us/en/product_security/ps500070",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"name": "93251",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93251"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2016-3161",
"datePublished": "2016-11-08T20:37:00",
"dateReserved": "2016-03-15T00:00:00",
"dateUpdated": "2024-08-05T23:47:57.469Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-5852
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 01:15
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.
References
| ▼ | URL | Tags |
|---|---|---|
| http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | x_refsource_CONFIRM | |
| https://support.lenovo.com/us/en/product_security/ps500070 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/93251 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Quadro, NVS, GeForce (all versions) |
Version: Quadro, NVS, GeForce (all versions) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:10.785Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"name": "93251",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93251"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Quadro, NVS, GeForce (all versions)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Quadro, NVS, GeForce (all versions)"
}
]
}
],
"datePublic": "2016-11-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-13T17:57:01",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"name": "93251",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93251"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2016-5852",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Quadro, NVS, GeForce (all versions)",
"version": {
"version_data": [
{
"version_value": "Quadro, NVS, GeForce (all versions)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"name": "https://support.lenovo.com/us/en/product_security/ps500070",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"name": "93251",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93251"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2016-5852",
"datePublished": "2016-11-08T20:37:00",
"dateReserved": "2016-06-28T00:00:00",
"dateUpdated": "2024-08-06T01:15:10.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-7382
Vulnerability from cvelistv5
Published
2016-11-08 20:37
Modified
2024-08-06 01:57
Severity ?
EPSS score ?
Summary
For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.lenovo.com/us/en/solutions/LEN-10822 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/94177 | vdb-entry, x_refsource_BID | |
| http://nvidia.custhelp.com/app/answers/detail/a_id/4246 | x_refsource_CONFIRM | |
| http://nvidia.custhelp.com/app/answers/detail/a_id/4247 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Quadro, NVS, GeForce, and Tesla (all versions) |
Version: Quadro, NVS, GeForce, and Tesla (all versions) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:57:47.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-10822"
},
{
"name": "94177",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94177"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4246"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4247"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Quadro, NVS, GeForce, and Tesla (all versions)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Quadro, NVS, GeForce, and Tesla (all versions)"
}
]
}
],
"datePublic": "2016-11-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Incorrect Access Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-18T21:57:01",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-10822"
},
{
"name": "94177",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94177"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4246"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4247"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2016-7382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Quadro, NVS, GeForce, and Tesla (all versions)",
"version": {
"version_data": [
{
"version_value": "Quadro, NVS, GeForce, and Tesla (all versions)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/solutions/LEN-10822",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/solutions/LEN-10822"
},
{
"name": "94177",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94177"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4246",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4246"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4247",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4247"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2016-7382",
"datePublished": "2016-11-08T20:37:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T01:57:47.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2019-04-01 21:30
Modified
2024-11-21 04:06
Severity ?
Summary
A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| talos-cna@cisco.com | https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647 | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:geforce_gtx_745_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0B0969-F14F-42AD-9F69-1C4460C0CB83",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_745:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E733A3A-347E-4147-89AE-9EEC9B4DB787",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:geforce_gtx_750_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "607AAFC6-E6EC-40A0-B4B0-CCBE11B4EB6C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC42D37-5DDE-4545-A4B9-7701749C0982",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:geforce_gtx_750_ti_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2EE2000-3576-4717-B64C-0C68F4021385",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F2F1B32-CFEE-4417-843D-880302E4D6FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:geforce_gtx_840m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5270F3F-8395-4477-95A0-6CB616B29774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_840m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7496DD40-8A3C-4098-A377-F566FD2865BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:geforce_gtx_845m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80471038-63CD-4CAF-9D6B-AD9FBDFDC9FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_845m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3AFBA8C-3D83-4C8E-AB22-A81EB20C012D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:geforce_gtx_850m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F05EFC5-92F0-4F0F-B757-C4ECDD1F734C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_850m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EFFC1A6-DD6B-4EA7-AB3C-3E7809C9DDD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:geforce_gtx_860m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8828EFE-D892-42CC-A541-B51C64289501",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_860m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F6946F0-392C-4126-B6AA-B096526C700F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:geforce_gtx_950m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82F295A3-3467-4765-AE4E-8C2EE79BEBB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:geforce_gtx_960m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C8135B-FAA2-464D-B82F-F83F1BDB68EB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EAB33B6-E270-4C11-8E57-2BE127C86134",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:quadro_k620_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5FD140A-A0AB-4D2C-970D-6E203C15ED4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:quadro_k1200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8894ED9A-9F9C-46BA-8131-90296C9162B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:quadro_k2200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39977D40-14D6-4260-ACA8-2129614C397D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:quadro_k2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC6A4C2-101A-4C8B-AD0F-3423CAB372A1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:quadro_m1000m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7350569F-FA36-4BBC-BA10-4689B01FEE69",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3896B47E-8787-45D2-96B3-BF4892780F35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:quadro_m1200m_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7B98AAC-0C1A-43E2-83DD-549D36159849",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1200m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42C16B00-58D1-4D09-8547-D83E1351D9AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:grid_m30_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33F00F2D-CF5F-4B36-AC9E-09B8EF350FC6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:grid_m30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F50616-3A42-4379-81ED-ED40639AC8AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:grid_m40_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3113B911-40B0-4BAE-A8B5-A02383BCF754",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:grid_m40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCEF4E50-B311-4AB0-9A34-E34D854BDF0F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload)."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de denegaci\u00f3n de servicio (DoS) remota en la manera en la que el controlador Nouveau Display (el controlador de visualizaci\u00f3n de Ubuntu Nvidia por defecto) gestiona la ejecuci\u00f3n del shader de la GPU. Un shader de p\u00edxeles especialmente manipulado puede provocar fallos de denegaci\u00f3n de servicio (DoS) remota. Un atacante puede proporcionar una imagen especialmente manipulada para desencadenar esta vulnerabilidad. Esta vulnerabilidad puede desencadenarse de manera remota despu\u00e9s de que el usuario visita un sitio web mal formado. No se requiere otra interacci\u00f3n del usuario. Las versiones vulnerables incluyen la 18.04 LTS de Ubuntu (linux 4.15.0-29-generic x86_64) y la NV117 del controlador Nouveau Display (vermagic: 4.15.0-29-generic SMP mod_unload)."
}
],
"id": "CVE-2018-3979",
"lastModified": "2024-11-21T04:06:25.557",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "talos-cna@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-01T21:30:43.110",
"references": [
{
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647"
}
],
"sourceIdentifier": "talos-cna@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:49
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F36E098A-0BCE-41CF-8AF6-3C32E18C8256",
"versionEndIncluding": "-",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26641568-53CE-4606-B2CA-C25A97795A50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05A831E4-1119-45F0-B9A0-4D948ECD47E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F50D6AC-3D1E-4E54-8422-B717456F6257",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03CBD29C-A606-45DE-B2FB-8572B986A4F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44BF5DC1-4609-4F34-9511-785F7B119ADE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3724F083-A7FC-4069-AC35-FB8AA08B6CCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D835EE77-6031-40D6-8305-F962F42E7018",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E884CEDD-CAA5-489D-A526-B628BB3DE460",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3455DE-4408-4603-86B2-5ECE76ED459C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EAB33B6-E270-4C11-8E57-2BE127C86134",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B376C04-8A35-42E7-8937-1A466E89639A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F13EE983-724F-472B-BCF5-B416D1DF27E1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41B48700-10AB-4194-94BC-D0F177D0B56A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3896B47E-8787-45D2-96B3-BF4892780F35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "316C9573-7C7D-4429-8563-B74FD752AC51",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76ABA317-6621-4D57-874F-307451EC9C2E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "477D72B5-A3EA-440A-B495-8A09E8564E8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED233BC3-6982-41E1-9205-5159C17A4A56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C186F38-89C7-4616-A424-201804F842C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60176B23-2751-4415-A0D3-DF1BE640F6C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path."
},
{
"lang": "es",
"value": "Para los productos NVIDIA Quadro, NVS y GeForce, vulnerabilidades de ruta de servicio no citadas GFE GameStream y NVTray Plugin son ejemplos de la vulnerabilidad de ruta de servicio no citado en Windows. Una explotaci\u00f3n exitosa de una instalaci\u00f3n de servicio vulnerable puede habilitar c\u00f3digo malicioso para ejecutarse en el sistema en el nivel de privilegios sistema/usuario. La ID CVE-2016-3161 es para la ruta de servicio no citada GameStream."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/428.html\"\u003eCWE-428: Unquoted Search Path or Element\u003c/a\u003e",
"id": "CVE-2016-3161",
"lastModified": "2024-11-21T02:49:30.140",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-11-08T20:59:00.177",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"source": "psirt@nvidia.com",
"url": "http://www.securityfocus.com/bid/93251"
},
{
"source": "psirt@nvidia.com",
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93251"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:53
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F36E098A-0BCE-41CF-8AF6-3C32E18C8256",
"versionEndIncluding": "-",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26641568-53CE-4606-B2CA-C25A97795A50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05A831E4-1119-45F0-B9A0-4D948ECD47E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F50D6AC-3D1E-4E54-8422-B717456F6257",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03CBD29C-A606-45DE-B2FB-8572B986A4F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44BF5DC1-4609-4F34-9511-785F7B119ADE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3724F083-A7FC-4069-AC35-FB8AA08B6CCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D835EE77-6031-40D6-8305-F962F42E7018",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E884CEDD-CAA5-489D-A526-B628BB3DE460",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3455DE-4408-4603-86B2-5ECE76ED459C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EAB33B6-E270-4C11-8E57-2BE127C86134",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B376C04-8A35-42E7-8937-1A466E89639A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F13EE983-724F-472B-BCF5-B416D1DF27E1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41B48700-10AB-4194-94BC-D0F177D0B56A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3896B47E-8787-45D2-96B3-BF4892780F35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "316C9573-7C7D-4429-8563-B74FD752AC51",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76ABA317-6621-4D57-874F-307451EC9C2E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "477D72B5-A3EA-440A-B495-8A09E8564E8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED233BC3-6982-41E1-9205-5159C17A4A56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C186F38-89C7-4616-A424-201804F842C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60176B23-2751-4415-A0D3-DF1BE640F6C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers."
},
{
"lang": "es",
"value": "Para los productos NVIDIA Quadro, NVS y GeForce, desinfecci\u00f3n inadecuada de los par\u00e1metros en la capa de la API NVStreamKMS.sys provoca una vulnerabilidad de denegaci\u00f3n de servicio (ca\u00edda de pantalla azul) dentro de los controladores de gr\u00e1ficos de NVIDIA Windows."
}
],
"id": "CVE-2016-4961",
"lastModified": "2024-11-21T02:53:18.593",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-11-08T20:59:03.583",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"source": "psirt@nvidia.com",
"url": "http://www.securityfocus.com/bid/93251"
},
{
"source": "psirt@nvidia.com",
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93251"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:53
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | Patch, Vendor Advisory | |
| psirt@nvidia.com | http://www.securityfocus.com/bid/93251 | Third Party Advisory, VDB Entry | |
| psirt@nvidia.com | https://support.lenovo.com/us/en/product_security/ps500070 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93251 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.lenovo.com/us/en/product_security/ps500070 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "353E4EEB-07DE-4BD3-B094-768C6AF43ECC",
"versionEndExcluding": "341.96",
"versionStartIncluding": "340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E97EFE4C-6324-464B-9DCF-B41D78CBB610",
"versionEndExcluding": "354.99",
"versionStartIncluding": "352.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06610350-44CB-41AE-B291-441EFC861C51",
"versionEndExcluding": "362.77",
"versionStartIncluding": "361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E21E09EF-9C01-4B7B-AD77-96055343E2D2",
"versionEndExcluding": "368.39",
"versionStartIncluding": "367",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26641568-53CE-4606-B2CA-C25A97795A50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05A831E4-1119-45F0-B9A0-4D948ECD47E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F50D6AC-3D1E-4E54-8422-B717456F6257",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03CBD29C-A606-45DE-B2FB-8572B986A4F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44BF5DC1-4609-4F34-9511-785F7B119ADE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3724F083-A7FC-4069-AC35-FB8AA08B6CCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D835EE77-6031-40D6-8305-F962F42E7018",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E884CEDD-CAA5-489D-A526-B628BB3DE460",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3455DE-4408-4603-86B2-5ECE76ED459C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EAB33B6-E270-4C11-8E57-2BE127C86134",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B376C04-8A35-42E7-8937-1A466E89639A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F13EE983-724F-472B-BCF5-B416D1DF27E1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41B48700-10AB-4194-94BC-D0F177D0B56A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3896B47E-8787-45D2-96B3-BF4892780F35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "316C9573-7C7D-4429-8563-B74FD752AC51",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76ABA317-6621-4D57-874F-307451EC9C2E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "477D72B5-A3EA-440A-B495-8A09E8564E8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED233BC3-6982-41E1-9205-5159C17A4A56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C186F38-89C7-4616-A424-201804F842C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60176B23-2751-4415-A0D3-DF1BE640F6C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers."
},
{
"lang": "es",
"value": "Para los productos NVIDIA Quadro, NVS y GeForce, desinfecci\u00f3n inadecuada de los p\u00e1rametros en la capa de soporte NVAPI provoca una vulnerabilidad de denegaci\u00f3n de servicio (ca\u00edda de pantalla azul) dentro de los controladores gr\u00e1ficos de NVIDIA Windows."
}
],
"id": "CVE-2016-5025",
"lastModified": "2024-11-21T02:53:28.603",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 4.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-11-08T20:59:04.630",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"source": "psirt@nvidia.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93251"
},
{
"source": "psirt@nvidia.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93251"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 03:00
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | http://nvidia.custhelp.com/app/answers/detail/a_id/4247 | Patch, Vendor Advisory | |
| psirt@nvidia.com | http://www.securityfocus.com/bid/93986 | Third Party Advisory, VDB Entry | |
| psirt@nvidia.com | https://www.exploit-db.com/exploits/40660/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://nvidia.custhelp.com/app/answers/detail/a_id/4247 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93986 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/40660/ |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F36E098A-0BCE-41CF-8AF6-3C32E18C8256",
"versionEndIncluding": "-",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26641568-53CE-4606-B2CA-C25A97795A50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05A831E4-1119-45F0-B9A0-4D948ECD47E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F50D6AC-3D1E-4E54-8422-B717456F6257",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03CBD29C-A606-45DE-B2FB-8572B986A4F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44BF5DC1-4609-4F34-9511-785F7B119ADE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3724F083-A7FC-4069-AC35-FB8AA08B6CCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D835EE77-6031-40D6-8305-F962F42E7018",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E884CEDD-CAA5-489D-A526-B628BB3DE460",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3455DE-4408-4603-86B2-5ECE76ED459C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EAB33B6-E270-4C11-8E57-2BE127C86134",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B376C04-8A35-42E7-8937-1A466E89639A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F13EE983-724F-472B-BCF5-B416D1DF27E1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41B48700-10AB-4194-94BC-D0F177D0B56A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3896B47E-8787-45D2-96B3-BF4892780F35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "316C9573-7C7D-4429-8563-B74FD752AC51",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76ABA317-6621-4D57-874F-307451EC9C2E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "477D72B5-A3EA-440A-B495-8A09E8564E8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED233BC3-6982-41E1-9205-5159C17A4A56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C186F38-89C7-4616-A424-201804F842C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60176B23-2751-4415-A0D3-DF1BE640F6C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges."
},
{
"lang": "es",
"value": "Para los productos NVIDIA Quadro, NVS y GeForce, NVIDIA Windows GPU Display Driver R340 before 342.00, R367 before 369.59, and R375 en versiones anteriores a 375.63 contiene una vulnerabilidad en el controlador de la capa de modo kernel (nvlddmkm.sys) para DxgDdiEscape ID 0x7000014 donde un valor pasado de un usuario al controlador es utilizado sin validaci\u00f3n como el \u00edndice de una matriz interna, conduciendo a una denegaci\u00f3n de servicio o potencial escalada de privilegios."
}
],
"id": "CVE-2016-8812",
"lastModified": "2024-11-21T03:00:08.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-11-08T20:59:25.850",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4247"
},
{
"source": "psirt@nvidia.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93986"
},
{
"source": "psirt@nvidia.com",
"url": "https://www.exploit-db.com/exploits/40660/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4247"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40660/"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:53
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:geforce_experience:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DC7A2F9-5F65-4203-B171-6109E61B5F2D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26641568-53CE-4606-B2CA-C25A97795A50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05A831E4-1119-45F0-B9A0-4D948ECD47E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F50D6AC-3D1E-4E54-8422-B717456F6257",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03CBD29C-A606-45DE-B2FB-8572B986A4F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44BF5DC1-4609-4F34-9511-785F7B119ADE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3724F083-A7FC-4069-AC35-FB8AA08B6CCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D835EE77-6031-40D6-8305-F962F42E7018",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E884CEDD-CAA5-489D-A526-B628BB3DE460",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3455DE-4408-4603-86B2-5ECE76ED459C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EAB33B6-E270-4C11-8E57-2BE127C86134",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B376C04-8A35-42E7-8937-1A466E89639A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F13EE983-724F-472B-BCF5-B416D1DF27E1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41B48700-10AB-4194-94BC-D0F177D0B56A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3896B47E-8787-45D2-96B3-BF4892780F35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "316C9573-7C7D-4429-8563-B74FD752AC51",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76ABA317-6621-4D57-874F-307451EC9C2E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "477D72B5-A3EA-440A-B495-8A09E8564E8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED233BC3-6982-41E1-9205-5159C17A4A56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C186F38-89C7-4616-A424-201804F842C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60176B23-2751-4415-A0D3-DF1BE640F6C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege."
},
{
"lang": "es",
"value": "Para los productos NVIDIA Quadro, NVS y GeForce, el componente de servicio NVIDIA NVStreamKMS.sys est\u00e1 validando incorrectamente los datos suministrados por el usuario a trav\u00e9s de sus puntos de entrada de la API lo que causa una elevaci\u00f3n de privilegios."
}
],
"id": "CVE-2016-4960",
"lastModified": "2024-11-21T02:53:18.470",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-11-08T20:59:02.567",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"source": "psirt@nvidia.com",
"url": "http://www.securityfocus.com/bid/93251"
},
{
"source": "psirt@nvidia.com",
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93251"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:55
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F36E098A-0BCE-41CF-8AF6-3C32E18C8256",
"versionEndIncluding": "-",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26641568-53CE-4606-B2CA-C25A97795A50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05A831E4-1119-45F0-B9A0-4D948ECD47E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F50D6AC-3D1E-4E54-8422-B717456F6257",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03CBD29C-A606-45DE-B2FB-8572B986A4F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44BF5DC1-4609-4F34-9511-785F7B119ADE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3724F083-A7FC-4069-AC35-FB8AA08B6CCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D835EE77-6031-40D6-8305-F962F42E7018",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E884CEDD-CAA5-489D-A526-B628BB3DE460",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3455DE-4408-4603-86B2-5ECE76ED459C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EAB33B6-E270-4C11-8E57-2BE127C86134",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B376C04-8A35-42E7-8937-1A466E89639A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F13EE983-724F-472B-BCF5-B416D1DF27E1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41B48700-10AB-4194-94BC-D0F177D0B56A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3896B47E-8787-45D2-96B3-BF4892780F35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "316C9573-7C7D-4429-8563-B74FD752AC51",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76ABA317-6621-4D57-874F-307451EC9C2E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "477D72B5-A3EA-440A-B495-8A09E8564E8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED233BC3-6982-41E1-9205-5159C17A4A56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C186F38-89C7-4616-A424-201804F842C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60176B23-2751-4415-A0D3-DF1BE640F6C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path."
},
{
"lang": "es",
"value": "Para los productos NVIDIA Quadro, NVS y GeForce, vulnerabilidades de ruta de servicio no citadas GFE GameStream y NVTray Plugin son ejemplos de la vulnerabilidad de ruta de servicio no citado en Windows. Una explotaci\u00f3n exitosa de una instalaci\u00f3n de servicio vulnerable puede habilitar c\u00f3digo malicioso para ejecutar en el sistema en el nivel de privilegios sistema/usuario. La ID CVE-2016-5852 es para la ruta de servicio no citada NVTray Plugin."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/428.html\"\u003eCWE-428: Unquoted Search Path or Element\u003c/a\u003e",
"id": "CVE-2016-5852",
"lastModified": "2024-11-21T02:55:08.420",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-11-08T20:59:05.787",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"source": "psirt@nvidia.com",
"url": "http://www.securityfocus.com/bid/93251"
},
{
"source": "psirt@nvidia.com",
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93251"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:53
Severity ?
Summary
For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | Patch, Vendor Advisory | |
| psirt@nvidia.com | http://www.securityfocus.com/bid/93256 | Third Party Advisory, VDB Entry | |
| psirt@nvidia.com | http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/ | Third Party Advisory | |
| psirt@nvidia.com | https://support.lenovo.com/us/en/product_security/ps500070 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://nvidia.custhelp.com/app/answers/detail/a_id/4213 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93256 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.lenovo.com/us/en/product_security/ps500070 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "353E4EEB-07DE-4BD3-B094-768C6AF43ECC",
"versionEndExcluding": "341.96",
"versionStartIncluding": "340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E97EFE4C-6324-464B-9DCF-B41D78CBB610",
"versionEndExcluding": "354.99",
"versionStartIncluding": "352.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06610350-44CB-41AE-B291-441EFC861C51",
"versionEndExcluding": "362.77",
"versionStartIncluding": "361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E21E09EF-9C01-4B7B-AD77-96055343E2D2",
"versionEndExcluding": "368.39",
"versionStartIncluding": "367",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26641568-53CE-4606-B2CA-C25A97795A50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05A831E4-1119-45F0-B9A0-4D948ECD47E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F50D6AC-3D1E-4E54-8422-B717456F6257",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03CBD29C-A606-45DE-B2FB-8572B986A4F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44BF5DC1-4609-4F34-9511-785F7B119ADE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3724F083-A7FC-4069-AC35-FB8AA08B6CCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D835EE77-6031-40D6-8305-F962F42E7018",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E884CEDD-CAA5-489D-A526-B628BB3DE460",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3455DE-4408-4603-86B2-5ECE76ED459C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EAB33B6-E270-4C11-8E57-2BE127C86134",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B376C04-8A35-42E7-8937-1A466E89639A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F13EE983-724F-472B-BCF5-B416D1DF27E1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41B48700-10AB-4194-94BC-D0F177D0B56A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3896B47E-8787-45D2-96B3-BF4892780F35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "316C9573-7C7D-4429-8563-B74FD752AC51",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76ABA317-6621-4D57-874F-307451EC9C2E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "477D72B5-A3EA-440A-B495-8A09E8564E8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED233BC3-6982-41E1-9205-5159C17A4A56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C186F38-89C7-4616-A424-201804F842C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60176B23-2751-4415-A0D3-DF1BE640F6C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash."
},
{
"lang": "es",
"value": "Para los productos NVIDIA Quadro, NVS y GeForce, hay una denegaci\u00f3n de servicio Remote Desktop. Una explotaci\u00f3n exitosa de la vulnerabilidad del sistema tendr\u00eda como resultado en un a referencia a puntero nulo del kernel, causando una ca\u00edda de pantalla azul."
}
],
"id": "CVE-2016-4959",
"lastModified": "2024-11-21T02:53:18.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-11-08T20:59:01.397",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"source": "psirt@nvidia.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93256"
},
{
"source": "psirt@nvidia.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/"
},
{
"source": "psirt@nvidia.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/warning-this-post-contains-graphic-nvidia-content/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/ps500070"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-11-08 20:59
Modified
2024-11-21 02:57
Severity ?
Summary
For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | http://nvidia.custhelp.com/app/answers/detail/a_id/4246 | Patch, Vendor Advisory | |
| psirt@nvidia.com | http://nvidia.custhelp.com/app/answers/detail/a_id/4247 | Patch, Vendor Advisory | |
| psirt@nvidia.com | http://www.securityfocus.com/bid/94177 | Third Party Advisory, VDB Entry | |
| psirt@nvidia.com | https://support.lenovo.com/us/en/solutions/LEN-10822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://nvidia.custhelp.com/app/answers/detail/a_id/4246 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://nvidia.custhelp.com/app/answers/detail/a_id/4247 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94177 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.lenovo.com/us/en/solutions/LEN-10822 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_driver:304.131:*:*:*:*:*:*:*",
"matchCriteriaId": "D39139B8-5709-4C8B-BEE8-CD4B70A4674E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_driver:340.98:*:*:*:*:*:*:*",
"matchCriteriaId": "3ABF20C2-69A3-4D04-970D-E88E0020DAD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_driver:361.93.02:*:*:*:*:*:*:*",
"matchCriteriaId": "B4D2D3FF-A8F2-4279-96FC-26128A0437E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_driver:367.44:*:*:*:*:*:*:*",
"matchCriteriaId": "2071AAEF-A450-4093-BFE9-BCC4055F23EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_driver:367.54:*:*:*:*:*:*:*",
"matchCriteriaId": "8A2C1B6C-EEB7-4DA8-B638-CD47789DDB76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_driver:370.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1FFE9B-3EE1-4450-BECB-B1FE91FF3F06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C6E52F-EE00-4CE3-B9F9-0ED847DE3FB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26641568-53CE-4606-B2CA-C25A97795A50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02BAA7E2-E4F5-44C9-BEDF-7425B0C56578",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05A831E4-1119-45F0-B9A0-4D948ECD47E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F50D6AC-3D1E-4E54-8422-B717456F6257",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03CBD29C-A606-45DE-B2FB-8572B986A4F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44BF5DC1-4609-4F34-9511-785F7B119ADE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3724F083-A7FC-4069-AC35-FB8AA08B6CCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D835EE77-6031-40D6-8305-F962F42E7018",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E884CEDD-CAA5-489D-A526-B628BB3DE460",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3455DE-4408-4603-86B2-5ECE76ED459C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EAB33B6-E270-4C11-8E57-2BE127C86134",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0C08C8-AC1B-4A01-903A-FB56B75CAE55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B376C04-8A35-42E7-8937-1A466E89639A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F13EE983-724F-472B-BCF5-B416D1DF27E1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBDF0898-E092-42BA-A777-FB7C5FFC4D3C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41B48700-10AB-4194-94BC-D0F177D0B56A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3B7EE4-080F-4E3C-8304-0837AC20ECCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3896B47E-8787-45D2-96B3-BF4892780F35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "316C9573-7C7D-4429-8563-B74FD752AC51",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76ABA317-6621-4D57-874F-307451EC9C2E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "477D72B5-A3EA-440A-B495-8A09E8564E8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED233BC3-6982-41E1-9205-5159C17A4A56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C186F38-89C7-4616-A424-201804F842C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60176B23-2751-4415-A0D3-DF1BE640F6C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:telsa_k80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DD67F88-6887-40E1-8484-27D3A9900150",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_c2050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8BE0940-95D9-4EA3-B66B-471D87770679",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_c2070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DED2E138-85AB-4C3D-A2EE-2A82F5309932",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_c2075:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2F6A51-E52E-424C-82AD-2276CEDAD23B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_k10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "824DB61D-A2BC-4E8D-B8BF-C3340A62345C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_k20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6778EBC-CF3C-48A4-9F6A-037BA4B2A3EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_k20x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "011ACD20-C0D6-4E19-AE60-50A4A155C925",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_k40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65E7F28C-8B7B-416A-88CC-970F5EBE36C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_k8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D16D559F-83A8-42CE-A22D-A6519C3F6F61",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_k80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CAD76737-522F-451E-8B93-B490C23E0517",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m2050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D69A7BF-4C1C-4A5A-BB98-1498BFE52B8F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m2070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F2544F6-397B-4B24-9809-B335481E43E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m2075:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47DFFCDD-1839-4613-AEA8-6AAD1E7B4DA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m2090:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80733A92-049A-480D-A29B-0E0CD789093F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DDBF7C-C346-4515-AD0D-922E7E2F09E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E92C2C2-1CF7-4531-B431-D67BF6049635",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44B63168-6671-4D31-A984-B0A0F71CB799",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6299665D-182A-4F2C-B451-1103B943CAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDCAD45A-986C-42AE-80F6-728E9427187C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4D9D634-1F0C-49A7-B680-24423CA6468E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges."
},
{
"lang": "es",
"value": "Para los productos NVIDIA Quadro, NVS, GeForce y Tesla, NVIDIA GPU Display Driver contiene una vulnerabilidad en el controlador de la capa de modo kernel (nvlddmkm.sys para Windows o nvidia.ko para Linux) donde una verificaci\u00f3n de permisos perdida podr\u00eda permitir a usuarios obtener acceso a memoria f\u00edsica arbitraria, conduciendo a una escalada de privilegios."
}
],
"id": "CVE-2016-7382",
"lastModified": "2024-11-21T02:57:53.277",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-11-08T20:59:07.943",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4246"
},
{
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4247"
},
{
"source": "psirt@nvidia.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94177"
},
{
"source": "psirt@nvidia.com",
"url": "https://support.lenovo.com/us/en/solutions/LEN-10822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4247"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.lenovo.com/us/en/solutions/LEN-10822"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-275"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}