CVE-2021-1076

Published Apr 21, 2021

Last updated a year ago

CVSS high 7.8

Overview

Description: NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys or nvidia.ko) where improper access control may lead to denial of service, information disclosure, or data corruption.
Source: psirt@nvidia.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 4.6
Impact score: 6.4
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3178296B-0354-4DC3-B8CB-D49D146C6063",
            "versionEndExcluding": "390.143",
            "versionStartIncluding": "390"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ABD000D5-7DE6-42F7-857E-A90629738237",
            "versionEndExcluding": "418.197.02",
            "versionStartIncluding": "418"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22DC6378-9844-4247-8395-563EF075D0B2",
            "versionEndExcluding": "427.33",
            "versionStartIncluding": "418"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69312265-BEBA-48BC-A771-5C31840BBA76",
            "versionEndExcluding": "450.119.03",
            "versionStartIncluding": "450"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3876CD3B-354A-4FE5-A528-A4B135F300C6",
            "versionEndExcluding": "452.96",
            "versionStartIncluding": "450"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F136B0BE-76D2-419F-8F57-F0FE28316B1A",
            "versionEndExcluding": "460.73.01",
            "versionStartIncluding": "460"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF304158-67E3-4F9A-86D8-226626211F26",
            "versionEndExcluding": "462.31",
            "versionStartIncluding": "460"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3A8E0F4-A3DB-400C-A732-E71DCB09C35F",
            "versionEndExcluding": "465.24.02",
            "versionStartIncluding": "465"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F6BA69D-0332-4D95-867E-C03892F2091B",
            "versionEndExcluding": "466.11",
            "versionStartIncluding": "465"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References