7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
21.0%
NVIDIA GPU display driver vulnerabilities may lead to code execution, denial of service, information disclosure, or escalation of privileges. Go to NVIDIA Product Security.
This section summarizes the potential vulnerabilities. Descriptions use CWEβ’ and risk assessments follow CVSS.
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys
) handler for DxgkDdiEscape
where a NULL pointer dereference may lead to denial of service or possible escalation of privileges.
CVSS Base Score: 8.8 CVSS Temporal Score: 7.9 CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape
where the software uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer which may lead to denial of service or possible escalation of privileges.
CVSS Base Score: 8.8 CVSS Temporal Score: 7.9 CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
NVIDIA GPU Display Driver contains a vulnerability in kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges.
CVSS Base Score: 8.8 CVSS Temporal Score: 7.9 CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys
) handler for DxgkDdiEscape
where a NULL pointer dereference occurs, which may lead to denial of service or possible escalation of privileges.
CVSS Base Score: 8.2 CVSS Temporal Score: 7.1 CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
NVIDIA Windows GPU Display Driver contains a vulnerability in the DirectX 10 Usermode driver, where a specially crafted pixel shader can cause writing to unallocated memory, leading to denial of service or potential code execution.
CVSS Base Score: 7.0 CVSS Temporal Score: 6.3 CVSS Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape
where the software allows an actor access to restricted functionality that is unnecessary for production usage, and which may result in denial of service.
CVSS Base Score: 6.5 CVSS Temporal Score: 5.9 CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
NVIDIA GPU Display Driver contains a vulnerability in the DirectX and OpenGL Usermode drivers where a specially crafted pixel shader can cause infinite recursion leading to denial of service.
CVSS Base Score: 5.5 CVSS Temporal Score: 5.0 CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
NVIDIAβs risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. NVIDIA recommends consulting a security or IT professional to evaluate the risk to your specific configuration. NVIDIA doesnβt know of any exploits of these issues at this time.
The following software is impacted by the issues described in this bulletin.
CVEs | Software Products | Operating Systems |
---|---|---|
CVE-2018-6247 CVE-2018-6248 CVE-2018-6249 CVE-2018-6250 CVE-2018-6251 CVE-2018-6252 | GeForce Quadro NVS Tesla | Windows |
CVE-2018-6249 CVE-2018-6253 | GeForce Quadro NVS Tesla | Windows Linux FreeBSD Solaris |
Notes:
The following supported software versions contain the security updates for the issues described in this bulletin. If you are using an unsupported software version or an earlier driver branch that is no longer supported, upgrade to one of the updated supported versions listed.
Product | Product Series | OS | Driver Branch | Updated Versions |
---|---|---|---|---|
GeForce | All | Windows | R390 | 391.35 including HD Audio 1.3.36.6 |
Quadro, NVS | All | Windows | R390 | 391.33 including HD Audio 1.3.36.6 |
R384 | 386.28 including HD Audio 1.3.36.6 | |||
Tesla | All | Windows | R390 | 391.29 including HD Audio 1.3.36.6 |
R384 | 386.28 including HD Audio 1.3.36.6 |
Product | Product Series | OS | Driver Branch | Updated Versions |
---|---|---|---|---|
GeForce | All | Linux, FreeBSD, Solaris | R390 | 390.48 |
R384 | 384.130 | |||
Quadro, NVS | All | Linux, FreeBSD, Solaris | R390 | 390.48 |
R384 | 384.130 | |||
Tesla | All | Linux | R390 | 390.46 |
R384 | 384.125 |
None.
CVE-2018-6251: NVIDIA thanks Piotr Bania of Cisco Talos for reporting this issue to NVIDIA PSIRT.
CVE-2018-6253: NVIDIA thanks the member of Cisco Talos for reporting this issue to NVIDIA PSIRT.
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
21.0%