ID CVE-2021-1052
Summary NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure.
References
Vulnerable Configurations
  • cpe:2.3:a:nvidia:gpu_driver:390:*:*:*:*:*:*:*
    cpe:2.3:a:nvidia:gpu_driver:390:*:*:*:*:*:*:*
  • cpe:2.3:a:nvidia:gpu_driver:390.141:*:*:*:*:*:*:*
    cpe:2.3:a:nvidia:gpu_driver:390.141:*:*:*:*:*:*:*
  • cpe:2.3:a:nvidia:gpu_driver:418:*:*:*:*:*:*:*
    cpe:2.3:a:nvidia:gpu_driver:418:*:*:*:*:*:*:*
  • cpe:2.3:a:nvidia:gpu_driver:450:*:*:*:*:*:*:*
    cpe:2.3:a:nvidia:gpu_driver:450:*:*:*:*:*:*:*
  • cpe:2.3:a:nvidia:gpu_driver:450.102.04:*:*:*:*:*:*:*
    cpe:2.3:a:nvidia:gpu_driver:450.102.04:*:*:*:*:*:*:*
  • cpe:2.3:a:nvidia:gpu_driver:460:*:*:*:*:*:*:*
    cpe:2.3:a:nvidia:gpu_driver:460:*:*:*:*:*:*:*
  • cpe:2.3:a:nvidia:gpu_driver:460.32.03:*:*:*:*:*:*:*
    cpe:2.3:a:nvidia:gpu_driver:460.32.03:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 21-11-2024 - 05:43)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
confirm https://nvidia.custhelp.com/app/answers/detail/a_id/5142
Last major update 21-11-2024 - 05:43
Published 08-01-2021 - 01:15
Last modified 21-11-2024 - 05:43
Back to Top