CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
5.1%
The NVIDIA display driver R352 before 353.82 and R340 before 341.81 on
Windows; R304 before 304.128, R340 before 340.93, and R352 before 352.41 on
Linux; and R352 before 352.46 on GRID vGPU and vSGA allows local users to
write to an arbitrary kernel memory location and consequently gain
privileges via a crafted ioctl call.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 12.04 | noarch | nvidia-graphics-drivers-304 | < 304.128-0ubuntu0.0.0.1 | UNKNOWN |
ubuntu | 14.04 | noarch | nvidia-graphics-drivers-304 | < 304.128-0ubuntu0.0.1 | UNKNOWN |
ubuntu | 15.04 | noarch | nvidia-graphics-drivers-304 | < 304.128-0ubuntu0.1 | UNKNOWN |
ubuntu | 12.04 | noarch | nvidia-graphics-drivers-304-updates | < 304.128-0ubuntu0.0.0.1 | UNKNOWN |
ubuntu | 14.04 | noarch | nvidia-graphics-drivers-304-updates | < 304.128-0ubuntu0.0.1 | UNKNOWN |
ubuntu | 15.04 | noarch | nvidia-graphics-drivers-304-updates | < 304.128-0ubuntu0.1 | UNKNOWN |
ubuntu | 12.04 | noarch | nvidia-graphics-drivers-331 | < 340.93-0ubuntu0.0.0.1 | UNKNOWN |
ubuntu | 12.04 | noarch | nvidia-graphics-drivers-331-updates | < 340.93-0ubuntu0.0.0.1 | UNKNOWN |
ubuntu | 12.04 | noarch | nvidia-graphics-drivers-340 | < 340.93-0ubuntu0.0.0.1 | UNKNOWN |
ubuntu | 14.04 | noarch | nvidia-graphics-drivers-340 | < 340.93-0ubuntu0.0.1 | UNKNOWN |
nvidia.custhelp.com/app/answers/detail/a_id/3763/~/cve-2015-5950-memory-corruption-due-to-an-unsanitized-pointer-in-the-nvidia
launchpad.net/bugs/cve/CVE-2015-5950
nvd.nist.gov/vuln/detail/CVE-2015-5950
security-tracker.debian.org/tracker/CVE-2015-5950
ubuntu.com/security/notices/USN-2747-1
www.cve.org/CVERecord?id=CVE-2015-5950