Nvidia Gpu Display Driver vulnerabilities

CVE-2021-1091 [HIGH] CWE-59 CVE-2021-1091: NVIDIA GPU Display driver for Windows contains a vulnerability where an unprivileged user can create NVIDIA GPU Display driver for Windows contains a vulnerability where an unprivileged user can create a file hard link that causes the driver to overwrite a file that requires elevated privilege to modify, which could lead to data loss or denial of service.

CVE-2021-1089 [HIGH] CWE-427 CVE-2021-1089: NVIDIA GPU Display Driver for Windows contains a vulnerability in nvidia-smi where an uncontrolled D NVIDIA GPU Display Driver for Windows contains a vulnerability in nvidia-smi where an uncontrolled DLL loading path may lead to arbitrary code execution, denial of service, information disclosure, and data tampering.

CVE-2021-1090 [HIGH] CWE-120 CVE-2021-1090: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (n NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for control calls where the software reads or writes to a buffer by using an index or pointer that references a memory location after the end of the buffer, which may lead to data tampering or denial of service.

CVE-2021-1095 [MEDIUM] CWE-476 CVE-2021-1095: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (n NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handlers for all control calls with embedded parameters where dereferencing an untrusted pointer may lead to denial of service.

CVE-2021-1096 [MEDIUM] CWE-476 CVE-2021-1096: NVIDIA Windows GPU Display Driver for Windows contains a vulnerability in the NVIDIA kernel mode lay NVIDIA Windows GPU Display Driver for Windows contains a vulnerability in the NVIDIA kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where dereferencing a NULL pointer may lead to a system crash.

CVE-2021-1093 [MEDIUM] CWE-404 CVE-2021-1093: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the drive NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.

CVE-2021-1094 [MEDIUM] CWE-125 CVE-2021-1094: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (n NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an out of bounds array access may lead to denial of service or information disclosure.

CVE-2021-1075 [HIGH] CWE-476 CVE-2021-1075: NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the program dereferences a pointer that contains a location for memory that is no longer valid, which may lead to code execution, denial of service, or escalation of privileges. Attacker does not ha

CVE-2021-1076 [MEDIUM] CVE-2021-1076: NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kerne NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys or nvidia.ko) where improper access control may lead to denial of service, information disclosure, or data corruption.

CVE-2021-1074 [HIGH] CVE-2021-1074: NVIDIA GPU Display Driver for Windows installer contains a vulnerability where an attacker with loca NVIDIA GPU Display Driver for Windows installer contains a vulnerability where an attacker with local unprivileged system access may be able to replace an application resource with malicious files. This attack requires a user with system administration rights to execute the installer and requires the attacker to replace the files in a very short time window bet

CVE-2021-1078 [MEDIUM] CWE-476 CVE-2021-1078: NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel driver (nvlddmkm.sys) where a NULL pointer dereference may lead to system crash.

CVE-2021-1077 [MEDIUM] CWE-404 CVE-2021-1077: NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a vulnerabili NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a vulnerability where the software uses a reference count to manage a resource that is incorrectly updated, which may lead to denial of service.

CVE-2021-1051 [HIGH] CWE-269 CVE-2021-1051: NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sy NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a local user can get elevated privileges to modify display configuration data, which may result in denial of service of the display.

CVE-2021-1056 [HIGH] CWE-276 CVE-2021-1056: NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.

CVE-2021-1052 [HIGH] CVE-2021-1052: NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kerne NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure.

CVE-2021-1055 [MEDIUM] CVE-2021-1055: NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode lay NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which improper access control may lead to denial of service and information disclosure.

CVE-2021-1054 [MEDIUM] CWE-863 CVE-2021-1054: NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode lay NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action, which may lead to denial of service.

CVE-2021-1053 [MEDIUM] CWE-20 CVE-2021-1053: NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kerne NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service.

CVE-2020-5979 [HIGH] CVE-2020-5979: NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Pane NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which a user is presented with a dialog box for input by a high-privilege process, which may lead to escalation of privileges.

CVE-2020-5981 [HIGH] CWE-787 CVE-2020-5981: NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX11 user mode NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX11 user mode driver (nvwgf2um/x.dll), in which a specially crafted shader can cause an out of bounds access, which may lead to denial of service or code execution.