CVE-2021-1055 - NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode lay

CVE-2021-1055

Summary

NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which improper access control may lead to denial of service and information disclosure.

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5142

Vulnerable Configurations

cpe:2.3:a:nvidia:gpu_driver:390:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_driver:390:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_driver:390.141:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_driver:390.141:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_driver:418:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_driver:418:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_driver:450:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_driver:450:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_driver:450.102.04:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_driver:450.102.04:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_driver:460:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_driver:460:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_driver:460.32.03:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_driver:460.32.03:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 12-07-2022 - 17:42)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

refmap via4

confirm

https://nvidia.custhelp.com/app/answers/detail/a_id/5142

Last major update

12-07-2022 - 17:42

Published

08-01-2021 - 01:15

Last modified

12-07-2022 - 17:42