CVE-2007-3532

2007-07-2722:30:00

CWE-264

[email protected]

web.nvd.nist.gov

nvidia drivers

/dev/nvidia*

permissions

denial of service

gentoo linux

video card

6.2 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

NVIDIA drivers (nvidia-drivers) before 1.0.7185, 1.0.9639, and 100.14.11, as used in Gentoo Linux and possibly other distributions, creates /dev/nvidia* device files with insecure permissions, which allows local users to modify video card settings, cause a denial of service (crash or physical video card damage), and obtain sensitive information.

CPENameOperatorVersion
nvidia:video_drivernvidia video driverle1.0.7185
nvidia:video_drivernvidia video driverle1.0.9639
nvidia:video_drivernvidia video driverle100.14.11