CVE-2016-2557
Last modified
CVE-2016-2557 is a high-severity vulnerability rated 8.4/10 on the CVSS scale. The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information from kernel memory, cause a denial of service (crash), or possibly gain privileges via unspecified vectors, which trigger uninitialized or out-of-bounds memory access.. EPSS estimates a 0.36% chance of exploitation in the next 30 days.
Description
The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information from kernel memory, cause a denial of service (crash), or possibly gain privileges via unspecified vectors, which trigger uninitialized or out-of-bounds memory access.
Metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Nvidia | Gpu Driver R340 | 431.61 |
| Nvidia | Gpu Driver R352 | 353.82 |
References
- http://nvidia.custhelp.com/app/answers/detail/a_id/4060Vendor Advisory
- https://support.lenovo.com/us/en/product_security/len_5551Third Party Advisory
- http://nvidia.custhelp.com/app/answers/detail/a_id/4060Vendor Advisory
- https://support.lenovo.com/us/en/product_security/len_5551Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-2557?
How severe is CVE-2016-2557?
How do I fix CVE-2016-2557?
Are you affected by CVE-2016-2557?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST