Vulnerability Name:

CVE-2016-4960 (CCN-117498)

Assigned:2016-08-22
Published:2016-08-22
Updated:2016-12-15
Summary:For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.
CVSS v3 Severity:7.3 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
6.4 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
7.0 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.1 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:6.9 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.0 Medium (CCN CVSS v2 Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): High
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-20
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2016-4960

Source: CONFIRM
Type: Patch, Vendor Advisory
http://nvidia.custhelp.com/app/answers/detail/a_id/4213

Source: CCN
Type: NVIDIA Security Bulletin 4213
Multiple vulnerabilities affect Quadro, NVS, and GeForce Windows based systems

Source: BID
Type: UNKNOWN
93251

Source: XF
Type: UNKNOWN
nvidia-cve20164960-priv-esc(117498)

Source: CCN
Type: Lenovo Security Advisory: LEN-9334
Denial of Service Vulnerabilities in NVidia Drivers that affect Quadro, NVS and GeForce Windows-based Systems

Source: CONFIRM
Type: UNKNOWN
https://support.lenovo.com/us/en/product_security/ps500070

Vulnerable Configuration:Configuration 1:
  • cpe:/a:nvidia:geforce_experience:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:nvidia:geforce_910m:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:geforce_920m:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:geforce_930m:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:geforce_940m:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:geforce_945m:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:nvs_310:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:nvs_315:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:nvs_510:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:nvs_810:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:quadro_k420:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:quadro_k620:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*
  • OR cpe:/h:nvidia:titan_x:-:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    nvidia geforce experience -
    nvidia geforce 910m -
    nvidia geforce 920m -
    nvidia geforce 920mx -
    nvidia geforce 930m -
    nvidia geforce 930mx -
    nvidia geforce 940m -
    nvidia geforce 940mx -
    nvidia geforce 945m -
    nvidia geforce gt 710 -
    nvidia geforce gt 730 -
    nvidia geforce gtx 1050 -
    nvidia geforce gtx 1060 -
    nvidia geforce gtx 1070 -
    nvidia geforce gtx 1080 -
    nvidia geforce gtx 950m -
    nvidia geforce gtx 960m -
    nvidia geforce gtx 965m -
    nvidia nvs 310 -
    nvidia nvs 315 -
    nvidia nvs 510 -
    nvidia nvs 810 -
    nvidia quadro k1200 -
    nvidia quadro k420 -
    nvidia quadro k620 -
    nvidia quadro m1000m -
    nvidia quadro m2000 -
    nvidia quadro m2000m -
    nvidia quadro m3000m -
    nvidia quadro m4000 -
    nvidia quadro m4000m -
    nvidia quadro m5000 -
    nvidia quadro m5000m -
    nvidia quadro m500m -
    nvidia quadro m5500 -
    nvidia quadro m6000 -
    nvidia quadro m600m -
    nvidia quadro p5000 -
    nvidia quadro p6000 -
    nvidia titan x -