CVE-2016-8823

Опубликовано: 16 дек. 2016

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgDdiEscape where the size of an input buffer is not validated leading to a denial of service or possible escalation of privileges

Ссылки

http://nvidia.custhelp.com/app/answers/detail/a_id/4278
Patch
Vendor Advisory
http://www.securityfocus.com/bid/94918
Third Party Advisory
VDB Entry
http://www.talosintelligence.com/reports/TALOS-2016-0217/
http://nvidia.custhelp.com/app/answers/detail/a_id/4278
Patch
Vendor Advisory
http://www.securityfocus.com/bid/94918
Third Party Advisory
VDB Entry
http://www.talosintelligence.com/reports/TALOS-2016-0217/

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:nvidia:gpu_driver:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 29%

0.00107

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-fm68-9vx2-78fv