Nvidia Gpu Display Driver vulnerabilities

CVE-2021-1116 [MEDIUM] CWE-476 CVE-2021-1116: NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sy NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash.

CVE-2021-1117 [MEDIUM] CWE-129 CVE-2021-1117: Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an attacker through specific configuration and with local unprivileged system access may cause improper input validation, which may lead to denial of service.

CVE-2021-1092 [HIGH] CWE-59 CVE-2021-1092: NVIDIA GPU Display Driver for Windows contains a vulnerability in the NVIDIA Control Panel applicati NVIDIA GPU Display Driver for Windows contains a vulnerability in the NVIDIA Control Panel application where it is susceptible to a Windows file system symbolic link attack where an unprivileged attacker can cause the applications to overwrite privileged files, resulting in potential denial of service or data loss.

CVE-2021-1090 [HIGH] CWE-120 CVE-2021-1090: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (n NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for control calls where the software reads or writes to a buffer by using an index or pointer that references a memory location after the end of the buffer, which may lead to data tampering or denial of service.

CVE-2021-1091 [HIGH] CWE-59 CVE-2021-1091: NVIDIA GPU Display driver for Windows contains a vulnerability where an unprivileged user can create NVIDIA GPU Display driver for Windows contains a vulnerability where an unprivileged user can create a file hard link that causes the driver to overwrite a file that requires elevated privilege to modify, which could lead to data loss or denial of service.

CVE-2021-1089 [HIGH] CWE-427 CVE-2021-1089: NVIDIA GPU Display Driver for Windows contains a vulnerability in nvidia-smi where an uncontrolled D NVIDIA GPU Display Driver for Windows contains a vulnerability in nvidia-smi where an uncontrolled DLL loading path may lead to arbitrary code execution, denial of service, information disclosure, and data tampering.

CVE-2021-1096 [MEDIUM] CWE-476 CVE-2021-1096: NVIDIA Windows GPU Display Driver for Windows contains a vulnerability in the NVIDIA kernel mode lay NVIDIA Windows GPU Display Driver for Windows contains a vulnerability in the NVIDIA kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where dereferencing a NULL pointer may lead to a system crash.

CVE-2021-1093 [MEDIUM] CWE-404 CVE-2021-1093: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the drive NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.

CVE-2021-1094 [MEDIUM] CWE-125 CVE-2021-1094: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (n NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an out of bounds array access may lead to denial of service or information disclosure.

CVE-2021-1095 [MEDIUM] CWE-476 CVE-2021-1095: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (n NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handlers for all control calls with embedded parameters where dereferencing an untrusted pointer may lead to denial of service.

CVE-2021-1075 [HIGH] CWE-476 CVE-2021-1075: NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the program dereferences a pointer that contains a location for memory that is no longer valid, which may lead to code execution, denial of service, or escalation of privileges. Attacker does not ha

CVE-2021-1076 [MEDIUM] CVE-2021-1076: NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kerne NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys or nvidia.ko) where improper access control may lead to denial of service, information disclosure, or data corruption.

CVE-2021-1074 [HIGH] CVE-2021-1074: NVIDIA GPU Display Driver for Windows installer contains a vulnerability where an attacker with loca NVIDIA GPU Display Driver for Windows installer contains a vulnerability where an attacker with local unprivileged system access may be able to replace an application resource with malicious files. This attack requires a user with system administration rights to execute the installer and requires the attacker to replace the files in a very short time window bet

CVE-2021-1078 [MEDIUM] CWE-476 CVE-2021-1078: NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel driver (nvlddmkm.sys) where a NULL pointer dereference may lead to system crash.

CVE-2021-1077 [MEDIUM] CWE-404 CVE-2021-1077: NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a vulnerabili NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a vulnerability where the software uses a reference count to manage a resource that is incorrectly updated, which may lead to denial of service.

CVE-2020-5966 [HIGH] CWE-476 CVE-2020-5966: NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer ( NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, in which a NULL pointer is dereferenced, leading to denial of service or potential escalation of privileges.

CVE-2019-5685 [CRITICAL] CWE-787 CVE-2019-5685: NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in whi NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access to a shader local temporary array, which may lead to denial of service or code execution.

CVE-2019-5684 [CRITICAL] CWE-787 CVE-2019-5684: NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in whi NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access of an input texture array, which may lead to denial of service or code execution.

CVE-2019-5683 [HIGH] CWE-59 CVE-2019-5683: NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the user mode video dri NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the user mode video driver trace logger component. When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead to code execution, denial of service, or escalation of privileges.

CVE-2019-5687 [HIGH] CWE-276 CVE-2019-5687: NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer ( NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which an incorrect use of default permissions for an object exposes it to an unintended actor