CVE-2016-7389

For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver on Linux R304 before 304.132, R340 before 340.98, R367 before 367.55, R361_93 before 361.93.03, and R370 before 370.28 contains a vulnerability in the kernel mode layer (nvidia.ko) handler for mmap() where improper input validation may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvidiaCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
VendorProductVersion
nvidiagpu_driver
304.79
nvidiagpu_driver
340.52
nvidiagpu_driver
361.91
nvidiagpu_driver
365.19
nvidiagpu_driver
368.81
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
nvidia-graphics-drivers
bullseye/non-free
470.256.02-2
fixed
wheezy
no-dsa
bookworm/non-free-firmware
535.183.01-1~deb12u1
fixed
sid/non-free-firmware
535.183.06-2
fixed
trixie/non-free-firmware
535.183.06-2
fixed
nvidia-graphics-drivers-legacy-340xx
sid/non-free
340.108-23
fixed
wheezy
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
nvidia-graphics-drivers
yakkety
dne
xenial
dne
trusty
dne
precise
ignored
nvidia-graphics-drivers-173
yakkety
dne
xenial
dne
trusty
dne
precise
ignored
nvidia-graphics-drivers-173-updates
yakkety
dne
xenial
dne
trusty
dne
precise
ignored
nvidia-graphics-drivers-304
yakkety
not-affected
xenial
Fixed 304.132-0ubuntu0.16.04.2
released
trusty
Fixed 304.132-0ubuntu0.14.04.2
released
precise
Fixed 304.132-0ubuntu0.12.04.1
released
nvidia-graphics-drivers-304-updates
yakkety
not-affected
xenial
not-affected
trusty
Fixed 304.132-0ubuntu0.12.04.1
released
precise
Fixed 304.132-0ubuntu0.12.04.1
released
nvidia-graphics-drivers-310-updates
yakkety
dne
xenial
dne
trusty
dne
precise
dne
nvidia-graphics-drivers-319
yakkety
dne
xenial
dne
trusty
dne
precise
not-affected
nvidia-graphics-drivers-319-updates
yakkety
dne
xenial
dne
trusty
dne
precise
not-affected
nvidia-graphics-drivers-331
yakkety
dne
xenial
dne
trusty
dne
precise
not-affected
nvidia-graphics-drivers-331-updates
yakkety
dne
xenial
dne
trusty
dne
precise
not-affected
nvidia-graphics-drivers-340
yakkety
not-affected
xenial
Fixed 340.98-0ubuntu0.16.04.1
released
trusty
Fixed 340.98-0ubuntu0.14.04.1
released
precise
Fixed 340.98-0ubuntu0.12.04.1
released
nvidia-graphics-drivers-340-updates
yakkety
not-affected
xenial
Fixed 340.98-0ubuntu0.16.04.1
released
trusty
Fixed 340.98-0ubuntu0.14.04.1
released
precise
Fixed 340.98-0ubuntu0.12.04.1
released
nvidia-graphics-drivers-346
yakkety
dne
xenial
dne
trusty
dne
precise
dne
nvidia-graphics-drivers-346-updates
yakkety
dne
xenial
dne
trusty
dne
precise
dne
nvidia-graphics-drivers-352
yakkety
not-affected
xenial
Fixed 367.57-0ubuntu0.16.04.1
released
trusty
Fixed 367.57-0ubuntu0.14.04.1
released
precise
dne
nvidia-graphics-drivers-352-updates
yakkety
not-affected
xenial
Fixed 367.57-0ubuntu0.16.04.1
released
trusty
Fixed 367.57-0ubuntu0.14.04.1
released
precise
dne
nvidia-graphics-drivers-361
yakkety
not-affected
xenial
Fixed 367.57-0ubuntu0.16.04.1
released
trusty
dne
precise
dne
nvidia-graphics-drivers-96
yakkety
dne
xenial
dne
trusty
dne
precise
ignored
nvidia-graphics-drivers-96-updates
yakkety
dne
xenial
dne
trusty
dne
precise
ignored
nvidia-graphics-drivers-experimental-304
yakkety
dne
xenial
dne
trusty
dne
precise
not-affected
nvidia-graphics-drivers-experimental-310
yakkety
dne
xenial
dne
trusty
dne
precise
not-affected
nvidia-graphics-drivers-tegra
yakkety
dne
xenial
dne
trusty
dne
precise
not-affected
nvidia-graphics-drivers-updates
yakkety
dne
xenial
dne
trusty
dne
precise
not-affected
Common Weakness Enumeration
References
http://nvidia.custhelp.com/app/answers/detail/a_id/4246
http://www.securityfocus.com/bid/94177
http://nvidia.custhelp.com/app/answers/detail/a_id/4246
http://www.securityfocus.com/bid/94177