NVIDIA Windows GPU Display Driver Vulnerability in Kernel Mode Layer
CVE-2016-8822

7.8HIGH

Key Information:

Vendor: Nvidia
Status: Windows Gpu Display Driver
Vendor: CVE Published:; 16 December 2016

Summary

The NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer specifically related to the handling of DxgDdiEscape IDs 0x600000E, 0x600000F, and 0x6000010. An unsanitized value sent by a user is utilized as an index in an internal array, which can potentially lead to significant security issues including denial of service or escalation of privileges. This vulnerability impacts all versions of the driver, posing a risk to system integrity and stability.

Affected Version(s)

Windows GPU Display Driver All

References

http://nvidia.custhelp.com/app/answers/detail/a_id/4278

x_refsource_CONFIRM

http://www.securityfocus.com/bid/95014

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 16, 2016
Vulnerability Reserved
Oct 18, 2016