Vulnerabilities > CVE-2021-1075 - NULL Pointer Dereference vulnerability in Nvidia GPU Display Driver

CVSS 5.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

COMPLETE

local

low complexity

nvidia

CWE-476

NVD

Published: 2021-04-21

Updated: 2021-06-30

Summary

NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the program dereferences a pointer that contains a location for memory that is no longer valid, which may lead to code execution, denial of service, or escalation of privileges. Attacker does not have any control over the information and may conduct limited data modification.

Vulnerable Configurations

Part	Description	Count
Application	Nvidia Nvidia GPU Display Driver 418 Nvidia GPU Display Driver 426.78 Nvidia GPU Display Driver 450 Nvidia GPU Display Driver 451.48 Nvidia GPU Display Driver 460 Nvidia GPU Display Driver 465	6

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5172