Denial of Service Vulnerability in NVIDIA Graphics Drivers
CVE-2016-4961

5.5MEDIUM

Key Information:

Vendor: Nvidia
Status: Quadro, Nvs, Geforce (all Versions)
Vendor: CVE Published:; 8 November 2016

What is CVE-2016-4961?

A flaw in the NVStreamKMS.sys API layer of NVIDIA graphics drivers creates a vulnerability that can lead to a denial of service condition, causing a system crash (blue screen). This impacts users of NVIDIA Quadro, NVS, and GeForce products, making it critical to apply necessary updates to safeguard against potential disruptions in service.

Affected Version(s)

Quadro, NVS, GeForce (all ) Quadro, NVS, GeForce (all versions)

References

http://nvidia.custhelp.com/app/answers/detail/a_id/4213

x_refsource_CONFIRM

https://support.lenovo.com/us/en/product_security/ps500070

x_refsource_CONFIRM

http://www.securityfocus.com/bid/93251

vdb-entryx_refsource_BID

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 8, 2016
Vulnerability Reserved
May 23, 2016

Nvidia

What is CVE-2016-4961?

Affected Version(s)

References

CVSS V3.1

Timeline