Buffer Overflow Vulnerability in NVIDIA Windows GPU Display Driver
CVE-2016-8817

7.8HIGH

Key Information:

Vendor: Nvidia
Status: Quadro, Nvs, Geforce, Grid And Tesla
Vendor: CVE Published:; 16 December 2016

Summary

A buffer overflow vulnerability exists in the NVIDIA Windows GPU Display Driver due to improper validation of user-supplied data in the kernel mode layer (specifically in nvlddmkm.sys) during the handling of DxgDdiEscape commands. This oversight allows an attacker to exploit the flaw to cause a denial of service or potentially escalate privileges, compromising system integrity and security.

Affected Version(s)

Quadro, NVS, GeForce, GRID and Tesla All

References

http://nvidia.custhelp.com/app/answers/detail/a_id/4257

x_refsource_CONFIRM

http://www.securityfocus.com/bid/95059

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 16, 2016
Vulnerability Reserved
Oct 18, 2016