Security Bulletin: NVIDIA GPU contains multiple vulnerabilities in the kernel mode layer handler

Vulnerability Details

The following sections summarize the vulnerabilities. Descriptions use CWE™ and risk assessments follow CVSS.

CVE-2017-6269

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a pointer passed from a user to the driver is used without validation, which may lead to denial of service or potential escalation of privileges.

CVSS Base Score: 8.8
CVSS Temporal Score: 8.2
CVSS Vector: CVSS: 3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C

CVE-2017-6268

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated and used as the index to an array, which may lead to denial of service or possible escalation of privileges.

CVSS Base Score: 8.8
CVSS Temporal Score: 7.9
CVSS Vector CVSS: 3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C

CVE-2017-6277

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated and used as the index to an array, which may lead to denial of service or possible escalation of privileges.

CVSS Base Score: 8.8
CVSS Temporal Score: 7.9
CVSS Vector CVSS: 3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C

CVE-2017-6272

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used as the index to an array, which may lead to a denial of service or possible escalation of privileges.

CVSS Base Score: 8.8
CVSS Temporal Score: 7.9
CVSS Vector CVSS: 3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C

CVE-2017-6266

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where improper access controls could allow unprivileged users to cause a denial of service.

CVSS Base Score: 6.5
CVSS Temporal Score: 5.9
CVSS Vector CVSS: 3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C

CVE-2017-6267

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect initialization of internal objects can cause an infinite loop, which may lead to a denial of service.

CVSS Base Score: 6.5
CVSS Temporal Score: 5.9
CVSS V3 Vector CVSS: 3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C

CVE-2017-6270

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiCreateAllocation where untrusted user input is used as a divisor without validation during a calculation, which may lead to a possible division by zero and denial of service.

CVSS Base Score: 6.5
CVSS Temporal Score: 5.9
CVSS Vector: CVSS: 3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C

CVE-2017-6271

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiCreateAllocation where untrusted user input is used as a divisor without validation while processing block linear information, which may lead to a possible division by zero and denial of service.

CVSS Base Score: 6.5
CVSS Temporal Score: 5.9
CVSS Vector: CVSS: 3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C

NVIDIA’s risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. NVIDIA recommends consulting a security or IT professional to evaluate the risk to your specific configuration. NVIDIA doesn’t know of any exploits of these issues at this time.