CVE-2016-2558

CWE-119 — Buffer Overflow4 documents4 sources

Severity

8.4HIGH

EPSS

0.0%

top 88.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia GPU Driver R340 Nvidia GPU Driver R352

Timeline

PublishedApr 12

Latest updateMay 13

Description

The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information, cause a denial of service (crash), or gain privileges via unspecified vectors related to an untrusted pointer, which trigger uninitialized or out-of-bounds memory access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.5 | Impact: 5.9

Affected Packages2 packages

▶NVDnvidia/gpu_driver_r340431.61

▶NVDnvidia/gpu_driver_r352353.82

🔴Vulnerability Details

GHSA

GHSA-3v54-844g-9c2g: The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341↗2022-05-13

▶

CVEList

CVE-2016-2558: The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341↗2016-04-12

▶

💬Community

Bugzilla

CVE-2016-5321 libtiff: tiffcrop readSeparateTilesIntoBuffer() memory corruption↗2016-06-15

▶