Lucene search

CanonicalCVELIST:CVE-2012-0952

HistoryJul 13, 2012 - 12:00 a.m.

CVE-2012-0952 Heap overflow in control device ioctl

2012-07-1300:00:00

CWE-119

canonical

www.cve.org

5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.4%

JSON

A heap buffer overflow was discovered in the device control ioctl in the Linux driver for Nvidia graphics cards, which may allow an attacker to overflow 49 bytes. This issue was fixed in version 295.53.

CNA Affected

[
  {
    "product": "graphics drivers",
    "vendor": "nvidia",
    "versions": [
      {
        "lessThan": "295.53",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

bugs.launchpad.net/ubuntu/+source/nvidia-graphics-drivers/+bug/979373

5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.4%

JSON

Related for CVELIST:CVE-2012-0952