CVE-2017-0318

CVE-2017-0318 affects all versions of the NVIDIA Linux GPU Display Driver. The vulnerability is in the kernel mode layer handler, where improper validation of an input parameter may cause a denial of service on the system. No specific patch/version/fix is provided in the connected documents; deta...

CVE-2017-0312

The CVE-2017-0312 issue affects the NVIDIA Windows GPU Display Driver (nvlddmkm.sys) in the DxgkDdiEscape handler for ID 0x100008b. A user-supplied value is used as the loop limit, enabling denial of service or potential privilege escalation. Affected driver branches include 375.x (prior to 376.6...

CVE-2017-0317

CVE-2017-0317 concerns the NVIDIA GPU and GeForce Experience installer on Windows. The vulnerability arises from improper permissions on the package extraction path, which could allow a non-privileged user to tamper with extracted files and potentially escalate to code execution. The connected Ne...

CVE-2017-0317

All versions of NVIDIA GPU and GeForce Experience installer contain a vulnerability where it fails to set proper permissions on the package extraction path thus allowing a non-privileged user to tamper with the extracted files, potentially leading to escalation of privileges via code execution...

CVE-2017-0315

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape where an attempt to access an invalid object pointer may lead to denial of service or potential escalation of privileges...

CVE-2017-0323

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges...

CVE-2017-0312

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscapeID 0x100008b where user provided input is used as the limit for a loop may lead to denial of service or potential escalation of privileges...

CVE-2017-0319

Talos’ vulnerability report confirms CVE-2017-0319 is a heap overflow in Poppler-0.53.0 affecting the image rendering path DCTStream::readProgressiveSOF(). A crafted PDF can trigger heap corruption via an oversized color components count during image rendering, enabling potential code execution o...

CVE-2017-0308

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape where untrusted input is used for buffer size calculation leading to denial of service or escalation of privileges...

CVE-2017-0324

The CVE-2017-0324 case concerns the NVIDIA Windows GPU Display Driver, where the kernel-mode driver component nvlddmkm.sys mishandles input buffer sizing in the DxgkDdiEscape path. The vulnerability can lead to denial of service or, in some cases, elevation of privileges. Public details across co...

CVE-2017-0321

All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges...

CVE-2017-0308

NVIDIA Windows GPU Display Driver (nvlddmkm.sys)DxgkDdiEscape handling in the kernel-mode layer is vulnerable. The issue (CVE-2017-0308) arises from untrusted input used to calculate the input buffer size, which can lead to denial of service or elevation of privileges. The connected Nessus entry ...

CVE-2017-0311

CVE-2017-0311 : NVIDIA GPU Display Driver R378 contains a vulnerability in the kernel mode layer handler where improper access control may lead to denial of service or possible escalation of privileges. A local attacker could exploit this with low attack complexity (LOCAL vector, no authenticatio...

CVE-2017-0324

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape where the size of an input buffer is not validated, leading to denial of service or potential escalation of privileges...

CVE-2017-0322

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer nvlddmkm.sys handler where a value passed from a user to the driver is not correctly validated and used as the index to an array, leading to denial of service or potential escalation of privileges...

CVE-2017-0310

All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper access controls allowing unprivileged user to cause a denial of service...

CVE-2017-0309

All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where multiple integer overflows may cause improper memory allocation leading to a denial of service or potential escalation of privileges...

CVE-2017-0318

All versions of NVIDIA Linux GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper validation of an input parameter may cause a denial of service on the system...

QEMU Denial of Service Vulnerability (CNVD-2017-01853)

QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A denial of service vulnerability exists in the 'virtio-gpu-3d.c' file in QEMU. An attacker can exploit this vulnerability to cause a QEMU...

QEMU Denial of Service Vulnerability (CNVD-2017-01851)

QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A denial of service vulnerability exists in the 'virtio-gpu.c' file in QEMU. An attacker can exploit this vulnerability to cause a QEMU instan...