CVE-2016-2557

CWE-2643 documents3 sources

Severity

8.4HIGH

EPSS

0.0%

top 88.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia GPU Driver R340 Nvidia GPU Driver R352

Timeline

PublishedApr 12

Latest updateMay 13

Description

The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information from kernel memory, cause a denial of service (crash), or possibly gain privileges via unspecified vectors, which trigger uninitialized or out-of-bounds memory access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.5 | Impact: 5.9

Affected Packages2 packages

▶NVDnvidia/gpu_driver_r340431.61

▶NVDnvidia/gpu_driver_r352353.82

🔴Vulnerability Details

GHSA

GHSA-97mv-xw8f-5x6v: The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341↗2022-05-13

▶

CVEList

CVE-2016-2557: The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341↗2016-04-12

▶