CVE-2012-0946
published 2012-04-22CVE-2012-0946: The NVIDIA UNIX driver before 295.40 allows local users to access arbitrary memory locations by leveraging GPU device-node read/write privileges.
PriorityP426medium4.6CVSS 2.0
AVLACLAuNCPIPAP
EXPLOIT
EPSS
0.73%
49.4th percentile
The NVIDIA UNIX driver before 295.40 allows local users to access arbitrary memory locations by leveraging GPU device-node read/write privileges.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nvidia-graphics-drivers | < nvidia-graphics-drivers 295.40-1 (bookworm) | nvidia-graphics-drivers 295.40-1 (bookworm) |
| nvidia | unix_driver | <= 295.40 | — |
CVSS provenance
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
osv4.6MEDIUM
vendor_debian4.6MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-hrfc-6g2q-85mp: The NVIDIA UNIX driver before 295
ghsa_unreviewed·2022-05-14
CVE-2012-0946 [MEDIUM] GHSA-hrfc-6g2q-85mp: The NVIDIA UNIX driver before 295
The NVIDIA UNIX driver before 295.40 allows local users to access arbitrary memory locations by leveraging GPU device-node read/write privileges.
OSV
CVE-2012-0946: The NVIDIA UNIX driver before 295
osv·2012-04-22·CVSS 4.6
CVE-2012-0946 [MEDIUM] CVE-2012-0946: The NVIDIA UNIX driver before 295
The NVIDIA UNIX driver before 295.40 allows local users to access arbitrary memory locations by leveraging GPU device-node read/write privileges.
Ubuntu
NVIDIA graphics drivers vulnerability
vendor_ubuntu·2012-04-11
CVE-2012-0946 NVIDIA graphics drivers vulnerability
Title: NVIDIA graphics drivers vulnerability
Summary: NVIDIA graphics drivers could be made to run programs as an administrator.
It was discovered that the NVIDIA graphics drivers could be reconfigured to
gain access to arbitrary system memory. A local attacker could use this
issue to possibly gain root privileges.
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
Debian
CVE-2012-0946: nvidia-graphics-drivers - The NVIDIA UNIX driver before 295.40 allows local users to access arbitrary memo...
vendor_debian·2012·CVSS 4.6
CVE-2012-0946 [MEDIUM] CVE-2012-0946: nvidia-graphics-drivers - The NVIDIA UNIX driver before 295.40 allows local users to access arbitrary memo...
The NVIDIA UNIX driver before 295.40 allows local users to access arbitrary memory locations by leveraging GPU device-node read/write privileges.
Scope: local
bookworm: resolved (fixed in 295.40-1)
bullseye: resolved (fixed in 295.40-1)
forky: resolved (fixed in 295.40-1)
sid: resolved (fixed in 295.40-1)
trixie: resolved (fixed in 295.40-1)
No detection rules found.
No writeups or analysis indexed.
http://nvidia.custhelp.com/app/answers/detail/a_id/3109http://secunia.com/advisories/48650http://secunia.com/advisories/48793http://www.ubuntu.com/usn/usn-1420-1/https://exchange.xforce.ibmcloud.com/vulnerabilities/74822http://nvidia.custhelp.com/app/answers/detail/a_id/3109http://secunia.com/advisories/48650http://secunia.com/advisories/48793http://www.ubuntu.com/usn/usn-1420-1/https://exchange.xforce.ibmcloud.com/vulnerabilities/74822
2012-04-22
Published