CVE-2017-0321

All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges.

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Affected Software

Name	Vendor	Start Version	End Version
Gpu_driver	Nvidia	- (including)	- (including)
Nvidia-graphics-drivers-173	Ubuntu	precise	*
Nvidia-graphics-drivers-173	Ubuntu	trusty	*
Nvidia-graphics-drivers-173-updates	Ubuntu	precise	*
Nvidia-graphics-drivers-304	Ubuntu	devel	*
Nvidia-graphics-drivers-304	Ubuntu	precise	*
Nvidia-graphics-drivers-304	Ubuntu	trusty	*
Nvidia-graphics-drivers-304	Ubuntu	xenial	*
Nvidia-graphics-drivers-304	Ubuntu	yakkety	*
Nvidia-graphics-drivers-340	Ubuntu	devel	*
Nvidia-graphics-drivers-340	Ubuntu	precise	*
Nvidia-graphics-drivers-340	Ubuntu	trusty	*
Nvidia-graphics-drivers-340	Ubuntu	xenial	*
Nvidia-graphics-drivers-340	Ubuntu	yakkety	*
Nvidia-graphics-drivers-96	Ubuntu	precise	*
Nvidia-graphics-drivers-96-updates	Ubuntu	precise	*

Potential Mitigations

References

http://nvidia.custhelp.com/app/answers/detail/a_id/4398

NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-0321
CWE	https://cwe.mitre.org/data/definitions/476.html

NULL Pointer Dereference

Weakness

Affected Software

Potential Mitigations

References