Privilege Escalation Vulnerability in NVIDIA GPU Graphics Driver
CVE-2016-2556

7.8HIGH

Key Information:

Vendor: Nvidia
Status: Gpu Driver R340; Gpu Driver R352
Vendor: CVE Published:; 12 April 2016

What is CVE-2016-2556?

The Escape interface in the Kernel Mode Driver layer of NVIDIA GPU graphics drivers (R340 versions prior to 341.95 and R352 versions prior to 354.74) on Windows contains a vulnerability that permits local users to access functionality meant to be restricted. This access could lead to a potential elevation of privileges through unknown methods, thereby compromising system integrity and security.

References

http://nvidia.custhelp.com/app/answers/detail/a_id/4059

x_refsource_CONFIRM

https://support.lenovo.com/us/en/product_security/len_5551

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 12, 2016
Vulnerability Reserved
Feb 24, 2016

Nvidia

What is CVE-2016-2556?

References

CVSS V3.1

Timeline