NVIDIA Graphics Driver NVAPI Support Layer Integer Overflow Privilege Escalation (Unix / Linux)

Medium Nessus Plugin ID 87411


The remote host is affected by a privilege escalation vulnerability.


The NVIDIA graphics driver installed on the remote host is affected by a privilege escalation vulnerability in the NVAPI support layer due to multiple unspecified integer overflow conditions in the underlying kernel mode driver. A local attacker can exploit this to gain access to uninitialized or out-of-bounds memory, resulting in possible information disclosure, denial of service, or the gaining of elevated privileges.


Upgrade to the appropriate video driver version according to the vendor advisory.

See Also



Plugin Details

Severity: Medium

ID: 87411

File Name: nvidia_unix_cve_2015_7869.nasl

Version: $Revision: 1.5 $

Type: local

Family: Misc.

Published: 2015/12/16

Modified: 2016/04/28

Dependencies: 72481

Risk Information

Risk Factor: Medium


Base Score: 6.6

Temporal Score: 4.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:P/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:nvidia:gpu_driver

Required KB Items: NVIDIA_UNIX_Driver/Version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2015/11/13

Vulnerability Publication Date: 2015/11/13

Reference Information

CVE: CVE-2015-7869

OSVDB: 130643