CVE-2016-7389

EUVD-2016-8245
For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver on Linux R304 before 304.132, R340 before 340.98, R367 before 367.55, R361_93 before 361.93.03, and R370 before 370.28 contains a vulnerability in the kernel mode layer (nvidia.ko) handler for mmap() where improper input validation may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
Affected Products (NVD)
VendorProductVersion
nvidiagpu_driver
304.79
nvidiagpu_driver
340.52
nvidiagpu_driver
361.91
nvidiagpu_driver
365.19
nvidiagpu_driver
368.81
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
nvidia-graphics-drivers
bookworm/non-free-firmware
535.183.01-1~deb12u1
fixed
bullseye/non-free
470.256.02-2
fixed
sid/non-free-firmware
535.183.06-2
fixed
trixie/non-free-firmware
535.183.06-2
fixed
wheezy
no-dsa
nvidia-graphics-drivers-legacy-340xx
sid/non-free
340.108-23
fixed
wheezy
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
nvidia-graphics-drivers
precise
ignored
trusty
dne
xenial
dne
yakkety
dne
nvidia-graphics-drivers-173
precise
ignored
trusty
dne
xenial
dne
yakkety
dne
nvidia-graphics-drivers-173-updates
precise
ignored
trusty
dne
xenial
dne
yakkety
dne
nvidia-graphics-drivers-304
precise
Fixed 304.132-0ubuntu0.12.04.1
released
trusty
Fixed 304.132-0ubuntu0.14.04.2
released
xenial
Fixed 304.132-0ubuntu0.16.04.2
released
yakkety
not-affected
nvidia-graphics-drivers-304-updates
precise
Fixed 304.132-0ubuntu0.12.04.1
released
trusty
Fixed 304.132-0ubuntu0.12.04.1
released
xenial
not-affected
yakkety
not-affected
nvidia-graphics-drivers-310-updates
precise
dne
trusty
dne
xenial
dne
yakkety
dne
nvidia-graphics-drivers-319
precise
not-affected
trusty
dne
xenial
dne
yakkety
dne
nvidia-graphics-drivers-319-updates
precise
not-affected
trusty
dne
xenial
dne
yakkety
dne
nvidia-graphics-drivers-331
precise
not-affected
trusty
dne
xenial
dne
yakkety
dne
nvidia-graphics-drivers-331-updates
precise
not-affected
trusty
dne
xenial
dne
yakkety
dne
nvidia-graphics-drivers-340
precise
Fixed 340.98-0ubuntu0.12.04.1
released
trusty
Fixed 340.98-0ubuntu0.14.04.1
released
xenial
Fixed 340.98-0ubuntu0.16.04.1
released
yakkety
not-affected
nvidia-graphics-drivers-340-updates
precise
Fixed 340.98-0ubuntu0.12.04.1
released
trusty
Fixed 340.98-0ubuntu0.14.04.1
released
xenial
Fixed 340.98-0ubuntu0.16.04.1
released
yakkety
not-affected
nvidia-graphics-drivers-346
precise
dne
trusty
dne
xenial
dne
yakkety
dne
nvidia-graphics-drivers-346-updates
precise
dne
trusty
dne
xenial
dne
yakkety
dne
nvidia-graphics-drivers-352
precise
dne
trusty
Fixed 367.57-0ubuntu0.14.04.1
released
xenial
Fixed 367.57-0ubuntu0.16.04.1
released
yakkety
not-affected
nvidia-graphics-drivers-352-updates
precise
dne
trusty
Fixed 367.57-0ubuntu0.14.04.1
released
xenial
Fixed 367.57-0ubuntu0.16.04.1
released
yakkety
not-affected
nvidia-graphics-drivers-361
precise
dne
trusty
dne
xenial
Fixed 367.57-0ubuntu0.16.04.1
released
yakkety
not-affected
nvidia-graphics-drivers-96
precise
ignored
trusty
dne
xenial
dne
yakkety
dne
nvidia-graphics-drivers-96-updates
precise
ignored
trusty
dne
xenial
dne
yakkety
dne
nvidia-graphics-drivers-experimental-304
precise
not-affected
trusty
dne
xenial
dne
yakkety
dne
nvidia-graphics-drivers-experimental-310
precise
not-affected
trusty
dne
xenial
dne
yakkety
dne
nvidia-graphics-drivers-tegra
precise
not-affected
trusty
dne
xenial
dne
yakkety
dne
nvidia-graphics-drivers-updates
precise
not-affected
trusty
dne
xenial
dne
yakkety
dne
Common Weakness Enumeration
References
http://nvidia.custhelp.com/app/answers/detail/a_id/4246
http://www.securityfocus.com/bid/94177
http://nvidia.custhelp.com/app/answers/detail/a_id/4246
http://www.securityfocus.com/bid/94177