CVE-2016-2558
Last modified
CVE-2016-2558 is a high-severity vulnerability rated 8.4/10 on the CVSS scale. The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information, cause a denial of service (crash), or gain privileges via unspecified vectors related to an untrusted pointer, which trigger uninitialized or out-of-bounds memory access.. EPSS estimates a 0.36% chance of exploitation in the next 30 days.
Description
The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information, cause a denial of service (crash), or gain privileges via unspecified vectors related to an untrusted pointer, which trigger uninitialized or out-of-bounds memory access.
Metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Nvidia | Gpu Driver R340 | 431.61 |
| Nvidia | Gpu Driver R352 | 353.82 |
References
- http://nvidia.custhelp.com/app/answers/detail/a_id/4061Vendor Advisory
- https://support.lenovo.com/us/en/product_security/len_5551Third Party Advisory
- http://nvidia.custhelp.com/app/answers/detail/a_id/4061Vendor Advisory
- https://support.lenovo.com/us/en/product_security/len_5551Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-2558?
How severe is CVE-2016-2558?
How do I fix CVE-2016-2558?
Are you affected by CVE-2016-2558?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST