NVIDIA Graphics Driver NVAPI Support Layer Integer Overflow Privilege Escalation (Unix / Linux)

medium Nessus Plugin ID 87411


The remote host is affected by a privilege escalation vulnerability.


The NVIDIA graphics driver installed on the remote host is affected by a privilege escalation vulnerability in the NVAPI support layer due to multiple unspecified integer overflow conditions in the underlying kernel mode driver. A local attacker can exploit this to gain access to uninitialized or out-of-bounds memory, resulting in possible information disclosure, denial of service, or the gaining of elevated privileges.


Upgrade to the appropriate video driver version according to the vendor advisory.

See Also



Plugin Details

Severity: Medium

ID: 87411

File Name: nvidia_unix_cve_2015_7869.nasl

Version: 1.9

Type: local

Agent: unix

Family: Misc.

Published: 12/16/2015

Updated: 3/15/2023

Supported Sensors: Nessus Agent, Nessus

Risk Information


Risk Factor: Medium

Score: 5.9


Risk Factor: Medium

Base Score: 6.6

Temporal Score: 4.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:P/A:C

CVSS Score Source: CVE-2015-7869

Vulnerability Information

CPE: cpe:/a:nvidia:gpu_driver

Required KB Items: NVIDIA_UNIX_Driver/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 11/13/2015

Vulnerability Publication Date: 11/13/2015

Reference Information

CVE: CVE-2015-7869