CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2016-7391 – NVIDIA Driver - Escape 0x100010b Missing Bounds Check
https://notcve.org/view.php?id=CVE-2016-7391
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x100010b where a missing array bounds check can allow a user to write to kernel memory, leading to denial of service or potential escalation of privileges. Para los productos NVIDIA Quadro, NVS y GeForce, NVIDIA Windows GPU Display Driver R340 en versiones anteriores a 342.00 y R375 en versiones anteriores a 375.63 contiene una vulnerabilidad en el controlador de la capa de modo kernel (nvlddmkm.sys) para DxgDdiEscape ID 0x100010b donde la falta de una comprobación de los límites del array puede permitir a usuarios escribir a la memoria del kernel, conduciendo a una denegación de servicio o a una potencial escalada de privilegios. NVIDIA suffers from a missing bounds check in escape 0x100010b. • https://www.exploit-db.com/exploits/40661 http://nvidia.custhelp.com/app/answers/detail/a_id/4247 http://www.securityfocus.com/bid/93987 https://support.lenovo.com/us/en/solutions/LEN-10822 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2016-8809 – NVIDIA Driver - Incorrect Bounds Check in Escape 0x70001b2
https://notcve.org/view.php?id=CVE-2016-8809
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x70001b2 where the size of an input buffer is not validated, leading to denial of service or potential escalation of privileges. Para los productos NVIDIA Quadro, NVS y GeForce, NVIDIA Windows GPU Display Driver R340 en versiones anteriores a 342.00 y R375 en versiones anteriores a 375.63 contiene una vulnerabilidad en el controlador de la capa de modo del kernel (nvlddmkm.sys) para DxgDdiEscape ID 0x70001b2 donde el tamaño de búfer entrante no es validado, conduciendo a una denegación de servicio o potencial escalada de privilegios. The DxgkDdiEscape handler for 0x70001b2 doesn't do proper bounds checks for its variable size input. • https://www.exploit-db.com/exploits/40664 http://nvidia.custhelp.com/app/answers/detail/a_id/4247 http://www.securityfocus.com/bid/93992 https://support.lenovo.com/us/en/solutions/LEN-10822 • CWE-20: Improper Input Validation CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2016-7385 – NVIDIA Driver - Unchecked Write to User-Provided Pointer in Escape 0x700010d
https://notcve.org/view.php?id=CVE-2016-7385
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x700010d where a value passed from a user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges. Para los productos NVIDIA Quadro, NVS y GeForce, NVIDIA Windows GPU Display Driver R340 en versiones anteriores a 342.00 y R375 en versiones anteriores 375.63 contiene una vulnerabilidad en el controlador de la capa de modo kernel (nvlddmkm.sys) para DxgDdiEscape ID 0x700010d donde un valor pasado de un usuario al controlador es utilizado sin validación como el índice de una matriz interna, conduciendo a una denegación de servicio o potencial escalada de privilegios. The DxgkDdiEscape handler for 0x700010d accepts a user provided pointer as the destination for a memcpy call, without doing any checks on said pointer. • https://www.exploit-db.com/exploits/40657 http://nvidia.custhelp.com/app/answers/detail/a_id/4247 http://www.securityfocus.com/bid/93981 https://support.lenovo.com/us/en/solutions/LEN-10822 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2016-7387 – NVIDIA Driver - Unchecked Write to User-Provided Pointer in Escape 0x600000D
https://notcve.org/view.php?id=CVE-2016-7387
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x600000D where a value passed from a user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges. Para los productos NVIDIA Quadro, NVS y GeForce, NVIDIA Windows GPU Display Driver R340 en versiones anteriores a 342.00, R367 en versiones anteriores a 369.59 y R375 en versiones anteriores a 375.63 contiene una vulnerabilidad en el controlador de la capa de modo kernel (nvlddmkm.sys) para DxgDdiEscape ID 0x600000D donde un valor pasado de un usuario al controlador es utilizado sin validación como el índice de una matriz interna, conduciendo a una denegación de servicio o potencial escalada de privilegios. The DxgkDdiEscape handler for 0x600000D passes an unchecked user provided pointer as the destination for a memcpy call. This leads to kernel memory corruption. • https://www.exploit-db.com/exploits/40659 http://nvidia.custhelp.com/app/answers/detail/a_id/4247 http://www.securityfocus.com/bid/93985 https://support.lenovo.com/us/en/solutions/LEN-10822 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2016-7386 – NVIDIA Driver - Escape Code Leaks Uninitialised ExAllocatePoolWithTag Memory to Userspace
https://notcve.org/view.php?id=CVE-2016-7386
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x70000D4 which may lead to leaking of kernel memory contents to user space through an uninitialized buffer. Para los productos NVIDIA Quadro, NVS y GeForce, NVIDIA Windows GPU Display Driver R340 en versiones anteriores a 342.00 y R375 en versiones anteriores a 375.63 contiene una vulnerabilidad en el controlador de la capa de modo kernel (nvlddmkm.sys) para DxgDdiEscape ID 0x70000D4 lo que podría conducir al filtrado de contenidos de la memoria del kernel al espacio de usuario a través de un búfer no iniciado. NVIDIA escape code leaks uninitialized ExAllocatePoolWithTag memory to userspace. • https://www.exploit-db.com/exploits/40656 http://nvidia.custhelp.com/app/answers/detail/a_id/4247 http://www.securityfocus.com/bid/93982 https://support.lenovo.com/us/en/solutions/LEN-10822 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •