CVE-2016-8806
published 2016-11-08CVE-2016-8806: For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the…
high7.8CVSS 3.0
AVLACLPRLUINSUCHIHAH
EXPLOIT
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x5000027 where a pointer passed from an user to the driver is used without validation, leading to denial of service or potential escalation of privileges.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | postgresql-common | >= 0 < 154ubuntu1.1 | 154ubuntu1.1 |
| debian | postgresql-common | >= 0 < 173ubuntu0.1 | 173ubuntu0.1 |
| nvidia | gpu_driver | >= 340 < 342.00 | 342.00 |
| nvidia | gpu_driver | >= 375 < 375.63 | 375.63 |
| xmlsoft | libxml2 | >= 0 < 2.9.1+dfsg1-3ubuntu4.8 | 2.9.1+dfsg1-3ubuntu4.8 |
| xmlsoft | libxml2 | >= 0 < 2.9.3+dfsg1-1ubuntu0.1 | 2.9.3+dfsg1-1ubuntu0.1 |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH