| Vulnerability Name: | CVE-2016-2558 (CCN-112248) | ||||||||||||
| Assigned: | 2016-03-14 | ||||||||||||
| Published: | 2016-03-14 | ||||||||||||
| Updated: | 2021-09-09 | ||||||||||||
| Summary: | The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information, cause a denial of service (crash), or gain privileges via unspecified vectors related to an untrusted pointer, which trigger uninitialized or out-of-bounds memory access. | ||||||||||||
| CVSS v3 Severity: | 8.4 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) 7.3 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
7.3 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||||||
| Vulnerability Type: | CWE-119 | ||||||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2016-2558 Source: CCN Type: NVIDIA Knowledgebase 4061 CVE-2016-2558: Kernel driver escape allows untrusted pointer Source: CONFIRM Type: Vendor Advisory http://nvidia.custhelp.com/app/answers/detail/a_id/4061 Source: XF Type: UNKNOWN nvidia-gpu-cve20162558-priv-esc(112248) Source: CCN Type: Lenovo Security Advisory: LEN-5551 NVIDIA GPU Kernel Driver Escape Source: CONFIRM Type: Third Party Advisory https://support.lenovo.com/us/en/product_security/len_5551 | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| Oval Definitions | |||||||||||||
| |||||||||||||
| BACK | |||||||||||||