Vulnerability Details CVE-2021-1095
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handlers for all control calls with embedded parameters where dereferencing an untrusted pointer may lead to denial of service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.3%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 2.1
References
- https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html
- https://nvidia.custhelp.com/app/answers/detail/a_id/5211
- https://security.gentoo.org/glsa/202310-02
- https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html
- https://nvidia.custhelp.com/app/answers/detail/a_id/5211
- https://security.gentoo.org/glsa/202310-02
Products affected by CVE-2021-1095
-
cpe:2.3:a:nvidia:gpu_display_driver:418.197.02
-
cpe:2.3:a:nvidia:gpu_display_driver:427.33
-
cpe:2.3:a:nvidia:gpu_display_driver:450.119.03
-
cpe:2.3:a:nvidia:gpu_display_driver:452.96
-
cpe:2.3:a:nvidia:gpu_display_driver:460.73.01
-
cpe:2.3:a:nvidia:gpu_display_driver:462.31
-
cpe:2.3:a:nvidia:gpu_display_driver:462.59
-
cpe:2.3:o:debian:debian_linux:9.0