CVE-2016-8807
published 2016-11-08CVE-2016-8807: For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the…
high7.8CVSS 3.0
AVLACLPRLUINSUCHIHAH
EXPLOIT
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x10000e9 where a value is passed from an user to the driver is used without validation as the size input to memcpy() causing a stack buffer overflow, leading to denial of service or potential escalation of privileges.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nvidia | gpu_driver | >= 340 < 342.00 | 342.00 |
| nvidia | gpu_driver | >= 375 < 375.63 | 375.63 |