CVE-2018-6248
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape where the software uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer which may lead to denial of service or possible escalation of privileges.
NVIDIA Windows GPU Display Driver contiene una vulnerabilidad en el manipulador de capas en modo kernel para DxgkDdiEscape cuando el software utiliza una operación secuencial para leer o escribir en un búfer, pero utiliza un valor de longitud incorrecto que provoca que se acceda a la memoria que está fuera de los límites del búfer. Esto provoca una denegación de servicio (DoS) o un posible escalado de privilegios.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-01-25 CVE Reserved
- 2018-04-02 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://nvidia.custhelp.com/app/answers/detail/a_id/4649 | 2018-05-11 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Nvidia Search vendor "Nvidia" | Gpu Driver Search vendor "Nvidia" for product "Gpu Driver" | - | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|