CVE-2017-0313

EUVD-2017-0669
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) implementation of the SubmitCommandVirtual DDI (DxgkDdiSubmitCommandVirtual) where untrusted input is used to reference memory outside of the intended boundary of the buffer leading to denial of service or escalation of privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
Affected Products (NVD)
VendorProductVersion
nvidiagpu_driver
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://nvidia.custhelp.com/app/answers/detail/a_id/4398
https://www.exploit-db.com/exploits/41365/
http://nvidia.custhelp.com/app/answers/detail/a_id/4398
https://www.exploit-db.com/exploits/41365/