CVE-2015-5053

Published: Nov 24, 2015Modified: May 6, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict access to third-party device IO memory, which allows attackers to gain privileges, cause a denial of service (resource consumption), or possibly have unspecified other impact via unknown vectors related to the follow_pfn kernel-mode API call.

Affected (11)

Products: Nvidia: Gpu Driver

Nvidia

1 product

Gpu Driver

Configuration A

11 vulnerable

Vulnerable Software	Affected Versions
Nvidia Gpu Driver	Version 346.16
Nvidia Gpu Driver	Version 346.22
Nvidia Gpu Driver	Version 346.35
Nvidia Gpu Driver	Version 346.47
Nvidia Gpu Driver	Version 346.59
Nvidia Gpu Driver	Version 346.72
Nvidia Gpu Driver	Version 346.82
Nvidia Gpu Driver	Version 352.09
Nvidia Gpu Driver	Version 352.21
Nvidia Gpu Driver	Version 352.30
Nvidia Gpu Driver	Version 352.41

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

http://nvidia.custhelp.com/app/answers/detail/a_id/3802

Source: cve@mitre.org

Vendor Advisory

http://nvidia.custhelp.com/app/answers/detail/a_id/3802

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.