Lucene search

K

[email protected]NVD:CVE-2014-8298

HistoryDec 10, 2014 - 3:59 p.m.

CVE-2014-8298

2014-12-1015:59:16

CWE-19

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.2%

The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra (L4T) driver before R21.2, and Chrome OS driver before R40 allows remote attackers to cause a denial of service (segmentation fault and X server crash) or possibly execute arbitrary code via a crafted GLX indirect rendering protocol request.

Affected configurations

NVD

Node

nvidiagpu_driverMatchr304.125linux_kernel

OR

nvidiagpu_driverMatchr331.00linux_kernel

OR

nvidiagpu_driverMatchr331.112linux_kernel

OR

nvidiagpu_driverMatchr340.00linux_kernel

OR

nvidiagpu_driverMatchr340.65linux_kernel

OR

nvidiagpu_driverMatchr343.00linux_kernel

OR

nvidiagpu_driverMatchr343.36linux_kernel

OR

nvidiagpu_driverMatchr346.00linux_kernel

OR

nvidiagpu_driverMatchr346.22linux_kernel

Node

nvidiagpu_driverRange≤r21.2linux_kerneltegra

Node

nvidiagpu_driverRange≤r39chrome_os

References

nvidia.custhelp.com/app/answers/detail/a_id/3610

www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.2%

Related for NVD:CVE-2014-8298

cve1 debiancve1 prion1 cvelist1 ubuntucve1 archlinux3 openvas2 freebsd1 nessus2 ubuntu1 securityvulns2 mageia1