CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
5.1%
The NVIDIA display driver R352 before 353.82 and R340 before 341.81 on Windows; R304 before 304.128, R340 before 340.93, and R352 before 352.41 on Linux; and R352 before 352.46 on GRID vGPU and vSGA allows local users to write to an arbitrary kernel memory location and consequently gain privileges via a crafted ioctl call.
Vendor | Product | Version | CPE |
---|---|---|---|
nvidia | gpu_driver | * | cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:* |
nvidia | display_driver | * | cpe:2.3:a:nvidia:display_driver:*:*:*:*:*:linux:*:* |
nvidia | display_driver | 304.108 | cpe:2.3:a:nvidia:display_driver:304.108:*:*:*:*:linux:*:* |
nvidia | display_driver | 304.119 | cpe:2.3:a:nvidia:display_driver:304.119:*:*:*:*:linux:*:* |
nvidia | display_driver | 304.121 | cpe:2.3:a:nvidia:display_driver:304.121:*:*:*:*:linux:*:* |
nvidia | display_driver | 304.123 | cpe:2.3:a:nvidia:display_driver:304.123:*:*:*:*:linux:*:* |
nvidia | display_driver | 304.125 | cpe:2.3:a:nvidia:display_driver:304.125:*:*:*:*:linux:*:* |
nvidia | display_driver | 352.21 | cpe:2.3:a:nvidia:display_driver:352.21:*:*:*:*:linux:*:* |
nvidia | display_driver | 352.30 | cpe:2.3:a:nvidia:display_driver:352.30:*:*:*:*:linux:*:* |
nvidia | display_driver | * | cpe:2.3:a:nvidia:display_driver:*:*:*:*:*:*:*:* |
nvidia.custhelp.com/app/answers/detail/a_id/3763/~/cve-2015-5950-memory-corruption-due-to-an-unsanitized-pointer-in-the-nvidia
www.securitytracker.com/id/1033662
www.ubuntu.com/usn/USN-2747-1
h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04815468
h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04815468
support.lenovo.com/us/en/product_security/len_3313