99 matches found
Input validation
For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver on Linux R304 before 304.132, R340 before 340.98, R367 before 367.55, R36193 before 361.93.03, and R370 before 370.28 contains a vulnerability in the kernel mode layer nvidia.ko handler for mmap where improper inpu...
CVE-2016-7390
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgDdiEscape ID 0x7000194 where a value passed from a user to the driver is used without...
CVE-2016-7384
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer nvlddmkm.sys where unchecked input/output lengths in UVMLiteController Device IO Control handling may lead to denial of...
CVE-2016-4960
For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege...
CVE-2016-8810
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgDdiEscape ID 0x100009a where a value passed from an user to the driver is used without...
CVE-2016-5852
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system...
CVE-2016-4959
CVE-2016-4959 affects NVIDIA Quadro, NVS, and GeForce Windows drivers. It causes a remote desktop denial of service via a kernel NULL pointer dereference, leading to a blue-screen crash. Affected components include the NVDisplay/driver stack referenced in NVIDIA security advisories; Lenovo LEN-93...
CVE-2016-8809
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgDdiEscape ID 0x70001b2 where the size of an input buffer is not validated, leading to denial ...
CVE-2016-4961
CVE-2016-4961 affects NVIDIA Quadro, NVS, and GeForce Windows drivers. The root cause is improper sanitization of parameters in the NVStreamKMS.sys API layer, causing a denial-of-service (blue-screen crash). Affected component is the NVStreamKMS.sys driver; impact is high for availability with lo...
CVE-2016-7388
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer nvlddmkm.sys handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or...
CVE-2016-7385
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgDdiEscape ID 0x700010d where a value passed from a user to the driver is used without...
CVE-2016-7390
CVE-2016-7390 affects NVIDIA Windows GPU Display Driver (nvlddmkm.sys) for Quadro/NVS/GeForce. The kernel-mode DxgDdiEscape handler for ID 0x7000194 uses a user-supplied value as an index into an internal array without validation, enabling denial of service or potential privilege escalation. Affe...
CVE-2016-8812
CVE-2016-8812 affects NVIDIA Windows GPU drivers for NVIDIA Quadro/NVS/GeForce with GeForce Experience (GFE) R340 prior to 2.11.4.125 and R375 prior to 3.1.0.52. The issue is a kernel-mode stack buffer overflow in nvstreamkms.sys triggered by specially crafted executable paths, requiring GeForce ...
CVE-2016-8810
CVE-2016-8810 affects NVIDIA Windows GPU Display Driver (nvlddmkm.sys) on Quadro/NVS/GeForce with DxgDdiEscape 0x100009a. The root cause is a value passed from user space used as an index to an internal array without proper validation, leading to denial of service or potential privilege escalatio...
CVE-2016-8809
CVE-2016-8809 affects NVIDIA Windows GPU Display Driver (Quadro/NVS/GeForce) with vulnerable nvlddmkm.sys DxgDdiEscape handler for 0x70001b2 where the input buffer size is not validated, enabling local denial of service or privilege escalation. Affected driver lines include NVIDIA Windows Display...
CVE-2016-8807
CVE-2016-8807 affects the NVIDIA Windows GPU Display Driver (nvlddmkm.sys) in the kernel-mode layer. The issue occurs in the DxgDdiEscape handler for ID 0x10000e9, where a user-supplied size is used as the input size to memcpy, causing a stack-based buffer overflow. This can lead to denial of ser...
CVE-2016-7391
NVIDIA CVE-2016-7391 affects the Windows GPU Display Driver (nvlddmkm.sys) in the kernel mode layer. The issue is in DxgDdiEscape 0x100010b where a missing array bounds check can write to kernel memory, enabling denial of service or potential privilege escalation. Affected driver ranges per CVE d...
CVE-2016-7386
CVE-2016-7386 affects NVIDIA Windows GPU Display Driver (nvlddmkm.sys) in the kernel mode layer. The vulnerability in the DxgDdiEscape handler (ID 0x70000D4) can leak kernel memory to user space via an uninitialized buffer. Affected products include NVIDIA Quadro, NVS, and GeForce on Windows; vul...
CVE-2016-3161
For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system...
CVE-2016-7391
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgDdiEscape ID 0x100010b where a missing array bounds check can allow a user to write to kernel...