CVE-2021-1051Improper Privilege Management in Nvidia GPU Driver

CWE-269Improper Privilege Management3 documents3 sources
Severity
8.4HIGHNVD
EPSS
0.0%
top 90.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nvidia GPU DriverNvidia GPU Display Driver
Timeline
PublishedJan 8
Latest updateMay 24

Description

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a local user can get elevated privileges to modify display configuration data, which may result in denial of service of the display.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:HExploitability: 2.0 | Impact: 5.8

Affected Packages2 packages

NVDnvidia/gpu_driver390392.63+3

🔴Vulnerability Details

2
GHSA
GHSA-4325-8w9c-7p9p: NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm2022-05-24
CVEList
CVE-2021-1051: NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm2021-01-08