CVE-2021-1115

CWE-476NULL Pointer Dereference3 documents3 sources
Severity
6.5MEDIUM
EPSS
0.0%
top 88.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nvidia GPU Display DriverNvidia Nvidia GPU Display Driver
Timeline
PublishedOct 27
Latest updateMay 24

Description

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs, where an attacker with local unprivileged system access may cause a NULL pointer dereference, which may lead to denial of service in a component beyond the vulnerable component.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:HExploitability: 2.0 | Impact: 4.0

Affected Packages2 packages

NVDnvidia/gpu_display_driver390392.68+3
CVEListV5nvidia/nvidia_gpu_display_driverAll GPU Driver versions

Patches

Patch: nvidia.custhelp.comPatch: nvidia.custhelp.com

🔴Vulnerability Details

2
GHSA
GHSA-67fm-36qr-9xr9: NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm2022-05-24
CVEList
CVE-2021-1115: NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm2021-10-27
CVE-2021-1115 (MEDIUM CVSS 6.5) | NVIDIA GPU Display Driver for Windo | cvebase.io