All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper access controls allowing unprivileged user to cause a denial of service.
Weakness
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Gpu_driver | Nvidia | - (including) | - (including) |
| Nvidia-graphics-drivers-173 | Ubuntu | precise | * |
| Nvidia-graphics-drivers-173 | Ubuntu | trusty | * |
| Nvidia-graphics-drivers-173-updates | Ubuntu | precise | * |
| Nvidia-graphics-drivers-304 | Ubuntu | devel | * |
| Nvidia-graphics-drivers-304 | Ubuntu | esm-infra/xenial | * |
| Nvidia-graphics-drivers-304 | Ubuntu | precise | * |
| Nvidia-graphics-drivers-304 | Ubuntu | trusty | * |
| Nvidia-graphics-drivers-304 | Ubuntu | xenial | * |
| Nvidia-graphics-drivers-304 | Ubuntu | yakkety | * |
| Nvidia-graphics-drivers-340 | Ubuntu | devel | * |
| Nvidia-graphics-drivers-340 | Ubuntu | esm-infra/xenial | * |
| Nvidia-graphics-drivers-340 | Ubuntu | precise | * |
| Nvidia-graphics-drivers-340 | Ubuntu | trusty | * |
| Nvidia-graphics-drivers-340 | Ubuntu | xenial | * |
| Nvidia-graphics-drivers-340 | Ubuntu | yakkety | * |
| Nvidia-graphics-drivers-96 | Ubuntu | precise | * |
| Nvidia-graphics-drivers-96-updates | Ubuntu | precise | * |
Potential Mitigations
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/122.html
- https://cwe.mitre.org/data/definitions/233.html
- https://cwe.mitre.org/data/definitions/58.html