Denial of Service and Privilege Escalation Issue in NVIDIA Windows GPU Display Driver
CVE-2016-8825

7.8HIGH

Key Information:

Vendor: Nvidia
Status: Windows Gpu Display Driver
Vendor: CVE Published:; 16 December 2016

Summary

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability within the kernel mode layer (nvlddmkm.sys) pertaining to the DxgDdiEscape handler. This vulnerability arises from the lack of input buffer size validation, allowing for potential manipulation that could result in a denial of service or elevate user privileges within the system. Addressing this vulnerability is critical for maintaining system integrity and security.

Affected Version(s)

Windows GPU Display Driver All

References

http://nvidia.custhelp.com/app/answers/detail/a_id/4278

x_refsource_CONFIRM

http://www.securityfocus.com/bid/94956

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 16, 2016
Vulnerability Reserved
Oct 18, 2016