Nvidia: Security Vulnerabilities
NVIDIA Windows GPU Display Driver contains a vulnerability in the DirectX 10 Usermode driver, where a specially crafted pixel shader can cause writing to unallocated memory, leading to denial of service or potential code execution.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-04-02
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape where the software allows an actor access to restricted functionality that is unnecessary to production usage, and which may result in denial of service.
CVSS Score
5.5
EPSS Score
0.0
Published
2018-04-02
NVIDIA GPU Display Driver contains a vulnerability in the DirectX and OpenGL Usermode drivers where a specially crafted pixel shader can cause infinite recursion leading to denial of service.
CVSS Score
5.5
EPSS Score
0.0
Published
2018-04-02
NVIDIA Tegra kernel contains a vulnerability in the CORE DVFS Thermal driver where there is the potential to read or write a buffer using an index or pointer that references a memory location after the end of the buffer, which may lead to a denial of service or possible escalation of privileges.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-03-26
NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an attacker has the ability to write an arbitrary value to an arbitrary location which may lead to an escalation of privileges. This issue is rated as high.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-03-06
NVIDIA Security Engine contains a vulnerability in the RSA function where the keyslot read/write lock permissions are cleared on a chip reset which may lead to information disclosure. This issue is rated as high.
CVSS Score
5.5
EPSS Score
0.0
Published
2018-03-06
NVIDIA Security Engine contains a vulnerability in the Deterministic Random Bit Generator (DRBG) where the DRBG does not properly initialize and store or transmits sensitive data using a weakened encryption scheme that is unable to protect sensitive data which may lead to information disclosure.This issue is rated as moderate.
CVSS Score
5.5
EPSS Score
0.0
Published
2018-03-06
NVIDIA TrustZone Software contains a vulnerability in the Keymaster implementation where the software reads data past the end, or before the beginning, of the intended buffer; and may lead to denial of service or information disclosure. This issue is rated as high.
CVSS Score
8.4
EPSS Score
0.0
Published
2018-03-06
NVIDIA TrustZone Software contains a TOCTOU issue in the DRM application which may lead to the denial of service or possible escalation of privileges. This issue is rated as moderate.
CVSS Score
7.0
EPSS Score
0.0
Published
2018-03-06
An elevation of privilege vulnerability in the Direct rendering infrastructure of the NVIDIA Tegra X1 where an unchecked input from userspace is passed as a pointer to kfree. This could lead to kernel memory corruption and possible code execution. This issue is rated as moderate. Product: Pixel. Version: N/A. Android ID: A-38415808. References: N-CVE-2017-0866.
CVSS Score
7.8
EPSS Score
0.0
Published
2017-11-16