Vulnerabilities > Nvidia > GPU Driver

DATE CVE VULNERABILITY TITLE RISK
2021-01-08 CVE-2021-1056 Incorrect Default Permissions vulnerability in multiple products
NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.
local
low complexity
nvidia debian CWE-276
7.1
2021-01-08 CVE-2021-1055 Unspecified vulnerability in Nvidia GPU Driver
NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which improper access control may lead to denial of service and information disclosure.
local
low complexity
nvidia
5.3
2021-01-08 CVE-2021-1054 Incorrect Authorization vulnerability in Nvidia GPU Driver
NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action, which may lead to denial of service.
local
low complexity
nvidia CWE-863
5.5
2021-01-08 CVE-2021-1053 Improper Input Validation vulnerability in Nvidia GPU Driver
NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service.
local
low complexity
nvidia CWE-20
5.5
2021-01-08 CVE-2021-1052 Unspecified vulnerability in Nvidia GPU Driver
NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure.
local
low complexity
nvidia
7.8
2021-01-08 CVE-2021-1051 Improper Privilege Management vulnerability in Nvidia GPU Driver
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a local user can get elevated privileges to modify display configuration data, which may result in denial of service of the display.
local
low complexity
nvidia CWE-269
8.4
2019-11-12 CVE-2019-5695 Uncontrolled Search Path Element vulnerability in Nvidia Geforce Experience and GPU Driver
NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution.
local
low complexity
nvidia CWE-427
6.5
2019-11-09 CVE-2019-5694 Uncontrolled Search Path Element vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution.
local
low complexity
nvidia CWE-427
6.5
2019-11-09 CVE-2019-5693 Access of Uninitialized Pointer vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) in which the program accesses or uses a pointer that has not been initialized, which may lead to denial of service.
local
low complexity
nvidia CWE-824
5.5
2019-11-09 CVE-2019-5692 Improper Validation of Array Index vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the product uses untrusted input when calculating or using an array index, which may lead to escalation of privileges or denial of service.
local
low complexity
nvidia CWE-129
7.8