CVE-2017-6270 - NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for Dxgk

CVE-2017-6270

Summary

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiCreateAllocation where untrusted user input is used as a divisor without validation during a calculation which may lead to a potential divide by zero and denial of service.

References

http://nvidia.custhelp.com/app/answers/detail/a_id/4544
http://www.securityfocus.com/bid/101002

Vulnerable Configurations

cpe:2.3:a:nvidia:gpu_driver:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_driver:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

CVSS

Base:	4.9 (as of 28-09-2017 - 15:04)
Impact:
Exploitability:

CWE

CWE-369

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:N/I:N/A:C

refmap via4

bid	101002
confirm	http://nvidia.custhelp.com/app/answers/detail/a_id/4544

Last major update

28-09-2017 - 15:04

Published

22-09-2017 - 17:29

Last modified

28-09-2017 - 15:04