Lucene search

NvidiaCVELIST:CVE-2021-1115

HistoryOct 27, 2021 - 8:35 p.m.

CVE-2021-1115

2021-10-2720:35:12

CWE-476

nvidia

www.cve.org

nvidia

gpu

display driver

windows

vulnerability

kernel mode

private ioctls

null pointer dereference

denial of service

CVSS3

6.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

AI Score

6.5

Confidence

High

EPSS

Percentile

5.1%

JSON

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs, where an attacker with local unprivileged system access may cause a NULL pointer dereference, which may lead to denial of service in a component beyond the vulnerable component.

CNA Affected

[
  {
    "product": "NVIDIA GPU Display Driver",
    "vendor": "NVIDIA",
    "versions": [
      {
        "status": "affected",
        "version": "All GPU Driver versions"
      }
    ]
  }
]

References

nvidia.custhelp.com/app/answers/detail/a_id/5230

CVSS3

6.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

AI Score

6.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2021-1115