GPU Driver

CVEs (91)

CVE	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2016-7382	Hig	0.51	7.8	0.00	Nov 8, 2016	For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.
CVE-2016-7381	Hig	0.51	7.8	0.00	Nov 8, 2016	For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a user input to index an array is not bounds checked, leading to denial of service or potential escalation of privileges.
CVE-2017-0317	Hig	0.49	7.5	0.00	Feb 15, 2017	All versions of NVIDIA GPU and GeForce Experience installer contain a vulnerability where it fails to set proper permissions on the package extraction path thus allowing a non-privileged user to tamper with the extracted files, potentially leading to escalation of privileges via code execution.
CVE-2017-0343	Hig	0.46	7.0	0.00	May 9, 2017	All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) where user can trigger a race condition due to lack of synchronization in two functions leading to a denial of service or potential escalation of privileges.
CVE-2016-5025	Med	0.43	6.6	0.00	Nov 8, 2016	For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
CVE-2017-6260	Med	0.42	6.5	0.00	Jul 28, 2017	NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer helper function where an incorrect calculation of string length may lead to denial of service.
CVE-2017-0310	Med	0.42	6.5	0.00	Feb 15, 2017	All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper access controls allowing unprivileged user to cause a denial of service.
CVE-2017-6259	Med	0.40	6.1	0.01	Jul 28, 2017	NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect detection and recovery from an invalid state produced by specific user actions may lead to denial of service.
CVE-2016-8820	Med	0.40	6.1	0.00	Dec 16, 2016	All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a check on a function return value is missing, potentially allowing an uninitialized value to be used as the source of a strcpy() call, leading to denial of service or information disclosure.
CVE-2016-7386	Med	0.39	5.5	0.00	Nov 8, 2016	For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x70000D4 which may lead to leaking of kernel memory contents to user space through an uninitialized buffer.
CVE-2017-6271	Med	0.36	5.5	0.00	Sep 22, 2017	NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiCreateAllocation where untrusted user input is used as a divisor without validation while processing block linear information which may lead to a potential divide by zero and denial of service.
CVE-2017-6270	Med	0.36	5.5	0.00	Sep 22, 2017	NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiCreateAllocation where untrusted user input is used as a divisor without validation during a calculation which may lead to a potential divide by zero and denial of service.
CVE-2017-6267	Med	0.36	5.5	0.00	Sep 22, 2017	NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect initialization of internal objects can cause an infinite loop which may lead to a denial of service.
CVE-2017-6266	Med	0.36	5.5	0.00	Sep 22, 2017	NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where improper access controls could allow unprivileged users to cause a denial of service.
CVE-2017-0353	Med	0.36	5.5	0.00	May 9, 2017	All versions of the NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgDdiEscape where due to improper locking on certain conditions may lead to a denial of service
CVE-2017-0320	Med	0.36	5.5	0.00	Feb 15, 2017	All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper handling of values may cause a denial of service on the system.
CVE-2017-0319	Med	0.36	5.5	0.00	Feb 15, 2017	All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper handling of values may cause a denial of service on the system.
CVE-2017-0318	Med	0.36	5.5	0.00	Feb 15, 2017	All versions of NVIDIA Linux GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper validation of an input parameter may cause a denial of service on the system.
CVE-2016-8826	Med	0.36	5.5	0.00	Dec 16, 2016	All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys for Windows or nvidia.ko for Linux) where a user can cause a GPU interrupt storm, leading to a denial of service.
CVE-2017-0354	Med	0.31	4.7	0.00	May 9, 2017	All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgkDdiEscape where a call to certain function requiring lower IRQL can be made under raised IRQL which may lead to a denial of service.

Page 4 of 5