Out-of-bounds read in nVidia products - CVE-2017-0345
Published: May 26, 2017 / Updated: May 26, 2017
Vulnerability identifier: #VU6767
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2017-0345
CWE-ID: CWE-125
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: nVidia
Affected software:
NVIDIA Windows GPU Display Driver
Quandro
NVS
Tesla
NVIDIA Windows GPU Display Driver
Quandro
NVS
Tesla
Detailed vulnerability description
The vulnerability allows a local attacker to cause DoS condition or gain elevated privileges on the target system.
The weakness exists in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape due to improper input validation. A local attacker can provide a specially crafted input used as an array size, trigger out-of-bound access in kernel memory and cause denial of service or potentially escalate privileges.
Successful exploitation of the vulnerability may result in full access to the system.
The weakness exists in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape due to improper input validation. A local attacker can provide a specially crafted input used as an array size, trigger out-of-bound access in kernel memory and cause denial of service or potentially escalate privileges.
Successful exploitation of the vulnerability may result in full access to the system.
How to mitigate CVE-2017-0345
Install update from vendor's website.