CVE-2016-7384

Опубликовано: 08 нояб. 2016

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) where unchecked input/output lengths in UVMLiteController Device IO Control handling may lead to denial of service or potential escalation of privileges.

Ссылки

http://nvidia.custhelp.com/app/answers/detail/a_id/4247
Patch
Vendor Advisory
http://www.securityfocus.com/bid/93983
Third Party Advisory
VDB Entry
https://support.lenovo.com/us/en/solutions/LEN-10822
Third Party Advisory
https://www.exploit-db.com/exploits/40655/
Exploit
Third Party Advisory
VDB Entry
http://nvidia.custhelp.com/app/answers/detail/a_id/4247
Patch
Vendor Advisory
http://www.securityfocus.com/bid/93983
Third Party Advisory
VDB Entry
https://support.lenovo.com/us/en/solutions/LEN-10822
Third Party Advisory
https://www.exploit-db.com/exploits/40655/
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*

Версия от 340 (включая) до 342.00 (исключая)

cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*

Версия от 375 (включая) до 375.63 (исключая)

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

EPSS

Процентиль: 60%

0.00394

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-546g-cfrj-jhcv