{"containers": {"cna": {"affected": [{"product": "GPU Display Driver", "vendor": "Nvidia Corporation", "versions": [{"status": "affected", "version": "All versions"}]}], "datePublic": "2017-05-09T00:00:00", "descriptions": [{"lang": "en", "value": "All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a pointer passed from a user to the driver is not correctly validated before it is dereferenced for a write operation, may lead to denial of service or potential escalation of privileges."}], "problemTypes": [{"descriptions": [{"description": "Denial of Service, Escalation of Privileges", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-05-24T09:57:01", "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "shortName": "nvidia"}, "references": [{"name": "98513", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/98513"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4462"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@nvidia.com", "ID": "CVE-2017-0349", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "GPU Display Driver", "version": {"version_data": [{"version_value": "All versions"}]}}]}, "vendor_name": "Nvidia Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a pointer passed from a user to the driver is not correctly validated before it is dereferenced for a write operation, may lead to denial of service or potential escalation of privileges."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial of Service, Escalation of Privileges"}]}]}, "references": {"reference_data": [{"name": "98513", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98513"}, {"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4462", "refsource": "CONFIRM", "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4462"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T13:03:56.797Z"}, "title": "CVE Program Container", "references": [{"name": "98513", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/98513"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4462"}]}]}, "cveMetadata": {"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "assignerShortName": "nvidia", "cveId": "CVE-2017-0349", "datePublished": "2017-05-09T21:00:00", "dateReserved": "2016-11-23T00:00:00", "dateUpdated": "2024-08-05T13:03:56.797Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:gpu_driver:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F6B8C06-F379-49FB-B0F2-097752154708", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a pointer passed from a user to the driver is not correctly validated before it is dereferenced for a write operation, may lead to denial of service or potential escalation of privileges."}, {"lang": "es", "value": "Todas las versiones de NVIDIA Windows GPU Display Driver contienen una vulnerabilidad en el controlador de la capa del modo kernel (nvlddmkm.sys) para for DxgkDdiEscape, donde un puntero pasado por el usuario al controlador que no es validado correctamente antes de ser desreferenciado en una operaci\u00f3n de escritura, puede ocasionar una denegaci\u00f3n de servicio o una potencial escalada de privilegios."}], "id": "CVE-2017-0349", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-05-09T21:29:00.503", "references": [{"source": "psirt@nvidia.com", "tags": ["Vendor Advisory"], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4462"}, {"source": "psirt@nvidia.com", "url": "http://www.securityfocus.com/bid/98513"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4462"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/98513"}], "sourceIdentifier": "psirt@nvidia.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}