Lucene search

K
ubuntucveUbuntu.comUB:CVE-2017-0350
HistoryMay 09, 2017 - 12:00 a.m.

CVE-2017-0350

2017-05-0900:00:00
ubuntu.com
ubuntu.com
8

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

10.9%

All versions of the NVIDIA GPU Display Driver contain a vulnerability in
the kernel mode layer handler where a value passed from a user to the
driver is not correctly validated and used in an offset calculation may
lead to denial of service or potential escalation of privileges.

Bugs

Notes

Author Note
tyhicks Per NVIDIA advisory, affects 375 and 381 driver branches
OSVersionArchitecturePackageVersionFilename
ubuntu16.04noarchnvidia-graphics-drivers-375< 375.66-0ubuntu0.16.04.1UNKNOWN
ubuntu16.10noarchnvidia-graphics-drivers-375< 375.66-0ubuntu0.16.10.1UNKNOWN
ubuntu17.04noarchnvidia-graphics-drivers-375< 375.66-0ubuntu0.17.04.1UNKNOWN

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

10.9%