CVE-2016-8811

Опубликовано: 08 нояб. 2016

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x7000170 where the size of an input buffer is not validated, leading to denial of service or potential escalation of privileges.

Ссылки

http://nvidia.custhelp.com/app/answers/detail/a_id/4247
Patch
Vendor Advisory
http://www.securityfocus.com/bid/93988
Third Party Advisory
VDB Entry
https://support.lenovo.com/us/en/solutions/LEN-10822
Third Party Advisory
https://www.exploit-db.com/exploits/40662/
Third Party Advisory
VDB Entry
http://nvidia.custhelp.com/app/answers/detail/a_id/4247
Patch
Vendor Advisory
http://www.securityfocus.com/bid/93988
Third Party Advisory
VDB Entry
https://support.lenovo.com/us/en/solutions/LEN-10822
Third Party Advisory
https://www.exploit-db.com/exploits/40662/
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*

Версия от 340 (включая) до 342.00 (исключая)

cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*

Версия от 375 (включая) до 375.63 (исключая)

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

EPSS

Процентиль: 60%

0.00394

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-424g-rgq3-f8r9