QwikSec

Security Database

CVE

CWE

Training

CVE-2016-8807

Published: Nov 8, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x10000e9 where a value is passed from an user to the driver is used without validation as the size input to memcpy() causing a stack buffer overflow, leading to denial of service or potential escalation of privileges.

Vendor	Product	Versions
n/a	Quadro, NVS, and GeForce (all versions)	affected `Quadro, NVS, and GeForce (all versions)`

References

https://support.lenovo.com/us/en/solutions/LEN-10822

x_refsource_CONFIRM

exploit

x_refsource_EXPLOIT-DB

vdb-entry

x_refsource_BID

http://nvidia.custhelp.com/app/answers/detail/a_id/4247

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.