Local Privilege Escalation in NVIDIA Display Driver Affects Multiple Versions
CVE-2015-1170

Currently unrated

Key Information:

Vendor
Nvidia
Status
Gpu Driver R304
Gpu Driver R346
Gpu Driver R340
Gpu Driver R343
Vendor
CVE Published:
6 March 2015

Summary

The NVIDIA Display Driver has a vulnerability that fails to adequately verify local client impersonation levels when conducting a kernel administrator check. This oversight allows local users to elevate their privileges to administrator status through various API calls, potentially compromising system security and control.

References

http://marc.info/?l=bugtraq&m=143013598825091&w=2
vendor-advisoryx_refsource_HP
http://www.securitytracker.com/id/1032013
vdb-entryx_refsource_SECTRACK
https://support.lenovo.com/product_security/nvidia_window...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.