CVE-2017-0315 - All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (

CVE-2017-0315

Summary

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an attempt to access an invalid object pointer may lead to denial of service or potential escalation of privileges.

References

http://nvidia.custhelp.com/app/answers/detail/a_id/4398

Vulnerable Configurations

cpe:2.3:a:nvidia:gpu_driver:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_driver:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 23-02-2017 - 19:26)
Impact:
Exploitability:

CWE

CWE-476

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

confirm

http://nvidia.custhelp.com/app/answers/detail/a_id/4398

Last major update

23-02-2017 - 19:26

Published

15-02-2017 - 23:59

Last modified

23-02-2017 - 19:26