NVIDIA GPU Display Driver Vulnerability in Kernel Mode Layer
CVE-2016-8820

6.1MEDIUM

Key Information:

Vendor: Nvidia
Status: Quadro, Nvs, Geforce, Grid And Tesla
Vendor: CVE Published:; 16 December 2016

Summary

The NVIDIA Windows GPU Display Driver has a vulnerability in the kernel mode layer (nvlddmkm.sys) related to the DxgDdiEscape function. An absence of a necessary check on a function's return value could lead to the usage of an uninitialized value in a strcpy() call. This oversight raises significant security concerns, as it may result in a denial of service or unauthorized information disclosure. Users of all versions of this driver should prioritize updates to mitigate potential risks.

Affected Version(s)

Quadro, NVS, GeForce, GRID and Tesla All

References

http://nvidia.custhelp.com/app/answers/detail/a_id/4257

x_refsource_CONFIRM

http://www.securityfocus.com/bid/95045

vdb-entryx_refsource_BID

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 16, 2016
Vulnerability Reserved
Oct 18, 2016