Nvidia Corporation Gpu Display Driver vulnerabilities

CVE-2017-6292 [HIGH] CWE-787 CVE-2017-6292: In Android before the 2018-06-05 security patch level, NVIDIA TLZ TrustZone contains a possible out In Android before the 2018-06-05 security patch level, NVIDIA TLZ TrustZone contains a possible out of bounds write due to integer overflow which could lead to local escalation of privilege in the TrustZone with no additional execution privileges needed. User interaction is not needed for exploitation. This issue is rated as high. Version: N/A. Android:

CVE-2017-6290 [HIGH] CWE-190 CVE-2017-6290: In Android before the 2018-06-05 security patch level, NVIDIA TLK TrustZone contains a possible out In Android before the 2018-06-05 security patch level, NVIDIA TLK TrustZone contains a possible out of bounds write due to an integer overflow which could lead to local escalation of privilege with no additional execution privileges needed. User interaction not needed for exploitation. This issue is rated as high. Version: N/A. Android: A-69559414. Refer

CVE-2017-6294 [HIGH] CWE-787 CVE-2017-6294: In Android before the 2018-06-05 security patch level, NVIDIA Tegra X1 TZ contains a possible out of In Android before the 2018-06-05 security patch level, NVIDIA Tegra X1 TZ contains a possible out of bounds write due to missing bounds check which could lead to escalation of privilege from the kernel to the TZ. User interaction is not needed for exploitation. This issue is rated as high. Version: N/A. Android: A-69316825. Reference: N-CVE-2017-6294.

CVE-2018-6250 [HIGH] CWE-476 CVE-2018-6250: NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) h NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a NULL pointer dereference occurs which may lead to denial of service or possible escalation of privileges.

CVE-2018-6247 [HIGH] CWE-476 CVE-2018-6247: NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) h NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a NULL pointer dereference may lead to denial of service or possible escalation of privileges.

CVE-2018-6251 [HIGH] CWE-119 CVE-2018-6251: NVIDIA Windows GPU Display Driver contains a vulnerability in the DirectX 10 Usermode driver, where NVIDIA Windows GPU Display Driver contains a vulnerability in the DirectX 10 Usermode driver, where a specially crafted pixel shader can cause writing to unallocated memory, leading to denial of service or potential code execution.

CVE-2018-6249 [HIGH] CWE-476 CVE-2018-6249: NVIDIA GPU Display Driver contains a vulnerability in kernel mode layer handler where a NULL pointer NVIDIA GPU Display Driver contains a vulnerability in kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges.

CVE-2018-6248 [HIGH] CWE-125 CVE-2018-6248: NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for Dxgk NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape where the software uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer which may lead to denial of service or possible escalatio

CVE-2018-6253 [MEDIUM] CWE-835 CVE-2018-6253: NVIDIA GPU Display Driver contains a vulnerability in the DirectX and OpenGL Usermode drivers where NVIDIA GPU Display Driver contains a vulnerability in the DirectX and OpenGL Usermode drivers where a specially crafted pixel shader can cause infinite recursion leading to denial of service.

CVE-2018-6252 [MEDIUM] CVE-2018-6252: NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for Dxgk NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape where the software allows an actor access to restricted functionality that is unnecessary to production usage, and which may result in denial of service.

CVE-2017-6277 [HIGH] CWE-20 CVE-2017-6277: NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) h NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to denial of service or possible escalation of privileges.

CVE-2017-6268 [HIGH] CWE-20 CVE-2017-6268: NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) h NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to denial of service or possible escalation of privileges.

CVE-2017-6269 [HIGH] CWE-20 CVE-2017-6269: NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) h NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a pointer passed from a user to the driver is used without validation which may lead to denial of service or possible escalation of privileges.

CVE-2017-6272 [HIGH] CWE-20 CVE-2017-6272: NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a value pa NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to a denial of service or possible escalation of privileges.

CVE-2017-6270 [MEDIUM] CWE-369 CVE-2017-6270: NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for Dxgk NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiCreateAllocation where untrusted user input is used as a divisor without validation during a calculation which may lead to a potential divide by zero and denial of service.

CVE-2017-6267 [MEDIUM] CWE-665 CVE-2017-6267: NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorre NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect initialization of internal objects can cause an infinite loop which may lead to a denial of service.

CVE-2017-6266 [MEDIUM] CVE-2017-6266: NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where improper a NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where improper access controls could allow unprivileged users to cause a denial of service.

CVE-2017-6271 [MEDIUM] CWE-369 CVE-2017-6271: NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for Dxgk NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiCreateAllocation where untrusted user input is used as a divisor without validation while processing block linear information which may lead to a potential divide by zero and denial of service.

CVE-2017-0351 [HIGH] CWE-476 CVE-2017-0351: All versions of the NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handl All versions of the NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges.

CVE-2017-0345 [HIGH] CWE-129 CVE-2017-0345: All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode lay All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where user provided input used as an array size is not correctly validated allows out of bound access in kernel memory and may lead to denial of service or potential escalation of privileges