For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x7000194 where a value passed from a user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Gpu_driver | Nvidia | 340 (including) | 342.00 (excluding) |
| Gpu_driver | Nvidia | 375 (including) | 375.63 (excluding) |
References
- http://nvidia.custhelp.com/app/answers/detail/a_id/4247
- http://www.securityfocus.com/bid/93984
- https://support.lenovo.com/us/en/solutions/LEN-10822
- https://www.exploit-db.com/exploits/40658/
- http://nvidia.custhelp.com/app/answers/detail/a_id/4247
- http://www.securityfocus.com/bid/93984
- https://support.lenovo.com/us/en/solutions/LEN-10822
- https://www.exploit-db.com/exploits/40658/