CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2016-7384 – NVIDIA Driver - UVMLiteController ioctl Handling Unchecked Input/Output Lengths Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-7384
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) where unchecked input/output lengths in UVMLiteController Device IO Control handling may lead to denial of service or potential escalation of privileges. Para los productos NVIDIA Quadro, NVS y GeForce, NVIDIA Windows GPU Display Driver R340 en versiones anteriores a 342.00 y R375 en versiones anteriores a 375.63 contiene una vulnerabilidad en la capa de modo kernel (nvlddmkm.sys) donde hay longitudes de entrada/salida no verificadas en el manejo de UVMLiteController Device IO Control podría conducir a una denegación de servicio o potencial escalada de privilegios. NVIDIA's UVMLiteController ioctl handling in nvlddmkm.sys failed to provide proper length checking. • https://www.exploit-db.com/exploits/40655 http://nvidia.custhelp.com/app/answers/detail/a_id/4247 http://www.securityfocus.com/bid/93983 https://support.lenovo.com/us/en/solutions/LEN-10822 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2016-7390 – NVIDIA Driver - No Bounds Checking in Escape 0x7000194
https://notcve.org/view.php?id=CVE-2016-7390
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x7000194 where a value passed from a user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges. Para los productos NVIDIA Quadro, NVS y GeForce, NVIDIA Windows GPU Display Driver R340 en versiones anteriores a 342.00 y R375 en versiones anteriores a 375.63 contiene una vulnerabilidad en el controlador de la capa de modo kernel (nvlddmkm.sys) para DxgDdiEscape ID 0x7000194 donde un valor pasado de un usuario al controlador es utilizado sin validación como el índice de una matriz interna, conduciendo a una denegación de servicio o potencial escalada de privilegios. The DxgkDdiEscape handler for 0x7000194 doesn't do bounds checking with the user provided lengths it receives. When these lengths are passed to memcpy, overreads and memory corruption can occur. • https://www.exploit-db.com/exploits/40658 http://nvidia.custhelp.com/app/answers/detail/a_id/4247 http://www.securityfocus.com/bid/93984 https://support.lenovo.com/us/en/solutions/LEN-10822 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2016-2558
https://notcve.org/view.php?id=CVE-2016-2558
The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information, cause a denial of service (crash), or gain privileges via unspecified vectors related to an untrusted pointer, which trigger uninitialized or out-of-bounds memory access. La interfaz Escape en la capa Kernel Mode Driver en el controlador gráfico NVIDIA GPU R340 en versiones anteriores a 341.95 y R352 en versiones anteriores a 354.74 en Windows permite a usuarios locales obtener información sensible, provocar una denegación de servicio (caída) u obtener privilegios a través de vectores no especificados relacionados con un puntero no fiable, lo que desencadena el acceso a memoria no inicializada o fuera de rango. • http://nvidia.custhelp.com/app/answers/detail/a_id/4061 https://support.lenovo.com/us/en/product_security/len_5551 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2016-2557
https://notcve.org/view.php?id=CVE-2016-2557
The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information from kernel memory, cause a denial of service (crash), or possibly gain privileges via unspecified vectors, which trigger uninitialized or out-of-bounds memory access. La interfaz Escape en la capa Kernel Mode Driver en el controlador gráfico NVIDIA GPU R340 en versiones anteriores a 341.95 y R352 en versiones anteriores a 354.74 en Windows permite a usuarios locales obtener información sensible de la memoria del kernel, provocar una denegación de servicio (caída) o posiblemente obtener privilegios a través de vectores no especificados, lo que desencadena el acceso a memoria no inicializada o fuera de rango. • http://nvidia.custhelp.com/app/answers/detail/a_id/4060 https://support.lenovo.com/us/en/product_security/len_5551 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-2556
https://notcve.org/view.php?id=CVE-2016-2556
The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows improperly allows access to restricted functionality, which allows local users to gain privileges via unspecified vectors. La interfaz Escape en la capa Kernel Mode Driver en el controlador gráfico NVIDIA GPU R340 en versiones anteriores a 341.95 y R352 en versiones anteriores a 354.74 en Windows permite el acceso a funcionalidades restringidas de manera incorrecta, lo que permite a usuarios locales obtener privilegios a través de vectores no especificados. • http://nvidia.custhelp.com/app/answers/detail/a_id/4059 https://support.lenovo.com/us/en/product_security/len_5551 • CWE-264: Permissions, Privileges, and Access Controls •