CVE-2017-6268Improper Input Validation in Corporation GPU Display Driver

CWE-20Improper Input Validation3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 85.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Nvidia Corporation GPU Display Driver
Timeline
PublishedSep 22
Latest updateMay 17

Description

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to denial of service or possible escalation of privileges.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-37j5-q5w5-77x4: NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm2022-05-17
CVEList
CVE-2017-6268: NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm2017-09-22
CVE-2017-6268 — Improper Input Validation | cvebase