Improper access control in NVIDIA Windows GPU Display Driver - CVE-2018-6252
Published: April 12, 2018
Vulnerability identifier: #VU11794
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-6252
CWE-ID: CWE-284
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: nVidia
Affected software:
NVIDIA Windows GPU Display Driver
NVIDIA Windows GPU Display Driver
Detailed vulnerability description
The vulnerability allows a local attacker to cause DoS condition on the target system.
The weakness exists in the kernel mode layer handler for DxgkDdiEscape due to an access to restricted functionality that is unnecessary for production usage. A local attacker can cause the service to crash.
The weakness exists in the kernel mode layer handler for DxgkDdiEscape due to an access to restricted functionality that is unnecessary for production usage. A local attacker can cause the service to crash.
How to mitigate CVE-2018-6252
Install update from vendor's website.