Vulnerability in NVIDIA Windows GPU Display Driver Exposes Potential Risks
CVE-2017-6254

7.8HIGH

Key Information:

Vendor: Nvidia
Status: Nvidia Windows Gpu Display Driver
Vendor: CVE Published:; 28 July 2017

What is CVE-2017-6254?

The NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) associated with the DxgkDdiEscape function. This issue arises when a pointer provided by a user is processed by the driver without sufficient validation checks. The lack of proper checks may lead to a denial of service or may enable an attacker to escalate privileges, potentially compromising system security.

Affected Version(s)

NVIDIA Windows GPU Display Driver All

References

http://nvidia.custhelp.com/app/answers/detail/a_id/4525

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 28, 2017
Vulnerability Reserved
Feb 23, 2017

Nvidia

What is CVE-2017-6254?

Affected Version(s)

References

CVSS V3.1

Timeline