CVE-2021-1117

CWE-129Improper Array Index Validation3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 86.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nvidia GPU Display DriverNvidia Nvidia GPU Display Driver
Timeline
PublishedOct 27
Latest updateMay 24

Description

Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an attacker through specific configuration and with local unprivileged system access may cause improper input validation, which may lead to denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages2 packages

NVDnvidia/gpu_display_driver390392.68+3
CVEListV5nvidia/nvidia_gpu_display_driverAll GPU Driver versions

🔴Vulnerability Details

2
GHSA
GHSA-c663-86cm-fc8f: Windows contains a vulnerability in the kernel mode layer (nvlddmkm2022-05-24
CVEList
CVE-2021-1117: Windows contains a vulnerability in the kernel mode layer (nvlddmkm2021-10-27
CVE-2021-1117 (MEDIUM CVSS 5.5) | Windows contains a vulnerability in | cvebase.io