CVE-2021-1052

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure.

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5142

Details

Source: MITRE

Published: 2021-01-08

Updated: 2021-01-14

Type: CWE-269

Risk Information

CVSS v2

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Tenable Plugins

View all (6 total)

IDNameProductFamilySeverity
145234Ubuntu 18.04 LTS / 20.04 LTS / 20.10 : Linux kernel update (USN-4689-4)NessusUbuntu Local Security Checks
high
145228Ubuntu 18.04 LTS / 20.04 LTS / 20.10 : NVIDIA graphics drivers vulnerabilities (USN-4689-3)NessusUbuntu Local Security Checks
high
145035NVIDIA Windows GPU Display Driver (January 2021)NessusWindows
high
145034NVIDIA Linux GPU Display (January 2021)NessusMisc.
high
144897Ubuntu 18.04 LTS / 20.04 LTS / 20.10 : NVIDIA graphics drivers vulnerabilities (USN-4689-1)NessusUbuntu Local Security Checks
high
144869Ubuntu 18.04 LTS / 20.04 LTS / 20.10 : Linux kernel vulnerabilities (USN-4689-2)NessusUbuntu Local Security Checks
high