Published: 27/02/2019 Updated: 09/05/2019

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) create context command DDI DxgkDdiCreateContext in which the product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array, which may lead to denial of service or escalation of privileges.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nvidia gpu_driver -

HP has been notified of potential security vulnerabilities with the GPU Display Driver for certain NVIDIA products These vulnerabilities may lead to denial of service, escalation of privileges, unauthorized code execution, or information disclosure ...

CWE-129 https://nvidia.custhelp.com/app/answers/detail/a_id/4772 http://support.lenovo.com/us/en/solutions/LEN-26250 https://nvidia.custhelp.com/app/answers/detail/a_id/4797 https://nvd.nist.gov https://support.hp.com//us-en/document/c06271500

CVE-2019-5666

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect