CVE-2015-5950

CWE-119 — Buffer Overflow6 documents6 sources

Severity

6.9MEDIUM

EPSS

0.0%

top 85.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia Display Driver Nvidia GPU Driver

Timeline

PublishedSep 30

Latest updateMay 17

Description

The NVIDIA display driver R352 before 353.82 and R340 before 341.81 on Windows; R304 before 304.128, R340 before 340.93, and R352 before 352.41 on Linux; and R352 before 352.46 on GRID vGPU and vSGA allows local users to write to an arbitrary kernel memory location and consequently gain privileges via a crafted ioctl call.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages3 packages

▶NVDnvidia/display_driver352.09+12

▶Debiannvidia-graphics-drivers< 340.93-1+3

▶NVDnvidia/gpu_driver352.30

🔴Vulnerability Details

GHSA

GHSA-gc3p-rqcf-jm9p: The NVIDIA display driver R352 before 353↗2022-05-17

▶

OSV

CVE-2015-5950: The NVIDIA display driver R352 before 353↗2015-09-30

▶

CVEList

CVE-2015-5950: The NVIDIA display driver R352 before 353↗2015-09-29

▶

📋Vendor Advisories

Ubuntu

NVIDIA graphics drivers vulnerability↗2015-09-28

▶

Debian

CVE-2015-5950: nvidia-graphics-drivers - The NVIDIA display driver R352 before 353.82 and R340 before 341.81 on Windows; ...↗2015

▶