Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
lenovoLenovoLENOVO:PS500054-NOSID
HistoryNov 16, 2016 - 12:00 a.m.

NVIDIA GPU Kernel Driver Escape

2016-11-1600:00:00
support.lenovo.com
51

0.001 Low

EPSS

Percentile

32.2%

JSON

Lenovo Security Advisory: LEN-5551

Potential Impact: Privilege escalation, potential information disclosure, crashes or denial of service

**Severity:**High

Scope of Impact: Industry-Wide

Summary Description:

On March 21, 2016, NVIDIA announced three high-severity driver vulnerabilities. These drivers are used in most GeForce, Quadro and NVS NVIDIA products.

CVE-2016-2556: Kernel driver escape can allow access to restricted functionality
<http://nvidia.custhelp.com/app/answers/detail/a_id/4059&gt;

CVE-2016-2557: Kernel driver escape privileged memory access
<http://nvidia.custhelp.com/app/answers/detail/a_id/4060&gt;

CVE-2016-2558: Kernel driver escape allows untrusted pointer
<http://nvidia.custhelp.com/app/answers/detail/a_id/4061&gt;

More information about these vulnerabilities can be found on NVIDIA’s product security website <http://www.nvidia.com/object/product-security.html&gt;.

Mitigation Strategy for Customers (what you should do to protect yourself):

Lenovo is currently qualifying the updated NVIDIA drivers across all applicable impacted products. The updated drivers will be posted to the Lenovo Support site for affected products as quality assurance testing is completed. Review the Product Impact section below for the list of product fixes. Once the driver has been qualified for the affected product, you will be able to link directly to the driver download page. You should visit this security advisory often to find links to the latest qualified driver for your product.

If this vulnerability puts you at an unacceptable level of risk and you want to mitigate before the Lenovo-certified driver is available for your product, you can visit the NVIDIA security webpage (www.nvidia.com/security) to download and install the reference driver. Please be aware that the reference driver has not been qualified by Lenovo. If you experience problems as a result of installing the driver from the NVIDIA support site, please contact NVIDIA directly. When the Lenovo-certified driver is available for download from the Lenovo Support site, Lenovo recommends that you uninstall the NVIDIA reference driver, and upgrade to the Lenovo Support site version.

Product Impact:

Related

lenovo 1
nessus 1
cvelist 3
nvd 3
cve 3
ubuntucve 3
prion 3
lenovo
lenovo
NVIDIA GPU Kernel Driver Escape - Lenovo Support US
2016-11-16 00:00:00
nessus
nessus
NVIDIA Graphics Driver 340.x < 341.95 / 352.x < 354.74 Multiple Vulnerabilities
2016-03-23 00:00:00
cvelist
cvelist
CVE-2016-2558
2016-04-12 14:00:00
CVE-2016-2557
2016-04-12 14:00:00
CVE-2016-2556
2016-04-12 14:00:00
nvd
nvd
CVE-2016-2558
2016-04-12 14:59:15
CVE-2016-2556
2016-04-12 14:59:13
CVE-2016-2557
2016-04-12 14:59:14
cve
cve
CVE-2016-2556
2016-04-12 14:59:13
CVE-2016-2557
2016-04-12 14:59:14
CVE-2016-2558
2016-04-12 14:59:15
ubuntucve
ubuntucve
CVE-2016-2558
2016-04-12 00:00:00
CVE-2016-2556
2016-04-12 00:00:00
CVE-2016-2557
2016-04-12 00:00:00
prion
prion
Design/Logic Flaw
2016-04-12 14:59:00
Design/Logic Flaw
2016-04-12 14:59:00
Design/Logic Flaw
2016-04-12 14:59:00

0.001 Low

EPSS

Percentile

32.2%

JSON
Related for LENOVO:PS500054-NOSID
lenovo1nessus1cvelist3nvd3cve3ubuntucve3prion3