| Vulnerability Name: | CVE-2015-3625 (CCN-105015) | ||||||||
| Assigned: | 2015-06-19 | ||||||||
| Published: | 2015-06-19 | ||||||||
| Updated: | 2019-06-13 | ||||||||
| Summary: | The NVIDIA GPU driver for FreeBSD R352 before 352.09, 346 before 346.72, R349 before 349.16, R343 before 343.36, R340 before 340.76, R337 before 337.25, R334 before 334.21, R331 before 331.113, and R304 before 304.125 allows local users with certain permissions to read or write arbitrary kernel memory via unspecified vectors that trigger an untrusted pointer dereference. | ||||||||
| CVSS v3 Severity: | 5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C) 5.3 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
3.4 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-264 | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: MITRE Type: CNA CVE-2015-3625 Source: CCN Type: NVIDIA Web site CVE-2015-3625: Privilege Escalation via Unsanitized Pointer Dereference in NVIDIA FreeBSD Kernel Driver Source: CONFIRM Type: Patch, Vendor Advisory http://nvidia.custhelp.com/app/answers/detail/a_id/3693 Source: SECTRACK Type: Third Party Advisory, VDB Entry 1032981 Source: XF Type: UNKNOWN nvidia-cve20153625-priv-esc(105015) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| Vulnerability Name: | CVE-2015-3625 (CCN-105330) | ||||||||
| Assigned: | 2015-06-16 | ||||||||
| Published: | 2015-06-16 | ||||||||
| Updated: | 2019-06-13 | ||||||||
| Summary: | The NVIDIA GPU driver for FreeBSD R352 before 352.09, 346 before 346.72, R349 before 349.16, R343 before 343.36, R340 before 340.76, R337 before 337.25, R334 before 334.21, R331 before 331.113, and R304 before 304.125 allows local users with certain permissions to read or write arbitrary kernel memory via unspecified vectors that trigger an untrusted pointer dereference. | ||||||||
| CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C) 5.3 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
5.3 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-264 | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: MITRE Type: CNA CVE-2015-3625 Source: CCN Type: NVIDIA Web site CVE-2015-3625: Privilege Escalation via Unsanitized Pointer Dereference in NVIDIA FreeBSD Kernel Driver Source: XF Type: UNKNOWN nvidia-freebsd-cve20153625-priv-esc(105330) | ||||||||
| BACK | |||||||||