CVE-2021-1093

Published Jul 22, 2021

Last updated a year ago

CVSS medium 5.5

Overview

Description: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.
Source: psirt@nvidia.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 4.9
Impact score: 6.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-404

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39769B85-EDB6-4649-A86F-F72277F235A1",
            "versionEndExcluding": "418.211.00",
            "versionStartIncluding": "418.197.02"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5A345DF-457A-4B7E-A4E9-4D29FB4C9722",
            "versionEndExcluding": "427.48",
            "versionStartIncluding": "427.33"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2DD69970-A1EE-46FE-B674-0E22AD11D467",
            "versionEndExcluding": "450.142.00",
            "versionStartIncluding": "450.119.03"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "650D9B87-1AFB-4462-A8D5-E993D8ECDACA",
            "versionEndExcluding": "453.10",
            "versionStartIncluding": "452.96"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52B5FD01-4AED-4915-B8C2-38233865ED86",
            "versionEndExcluding": "460.91.03",
            "versionStartIncluding": "460.73.01"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "018F843B-EFA3-4E49-A269-168221A205CA",
            "versionEndExcluding": "462.96",
            "versionStartIncluding": "462.31"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References