Published: 08/11/2016 Updated: 28/11/2016

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver on Linux R304 prior to 304.132, R340 prior to 340.98, R367 prior to 367.55, R361_93 prior to 361.93.03, and R370 prior to 370.28 contains a vulnerability in the kernel mode layer (nvidia.ko) handler for mmap() where improper input validation may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nvidia gpu_driver 368.81
nvidia gpu_driver 361.91
nvidia gpu_driver 365.19
nvidia gpu_driver 304.79
nvidia gpu_driver 340.52

NVIDIA graphics drivers could be made to run programs as an administrator ...

Debian Bug report logs - #848195 nvidia-graphics-drivers: CVE-2016-8826 Package: src:nvidia-graphics-drivers; Maintainer for src:nvidia-graphics-drivers is Debian NVIDIA Maintainers <pkg-nvidia-devel@listsaliothdebianorg>; Reported by: Andreas Beckmann <anbe@debianorg> Date: Thu, 15 Dec 2016 02:12:02 UTC Severity ...

Debian Bug report logs - #846331 nvidia-graphics-drivers: CVE-2016-7382, CVE-2016-7389: missing permissions check and improper validation vulnerability Package: src:nvidia-graphics-drivers; Maintainer for src:nvidia-graphics-drivers is Debian NVIDIA Maintainers <pkg-nvidia-devel@listsaliothdebianorg>; Reported by: Andreas ...

CWE-264 http://nvidia.custhelp.com/app/answers/detail/a_id/4246 http://www.securityfocus.com/bid/94177 https://usn.ubuntu.com/3122-1/https://nvd.nist.gov

CVE-2016-7389

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect