← Back

CVE-2018-3979

nvd nist
Published: Apr 1, 2019Modified: Nov 21, 2024

JSON object

Loading...
6.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Exploitability: 2.8 / Impact: 3.6
Source: NVD

Description

A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload).

Affected (17)

Canonical
1 product
Ubuntu Linux
Nvidia
16 products
Geforce Gtx 745 Firmware
Geforce Gtx 750 Firmware
Geforce Gtx 750 Ti Firmware
Geforce Gtx 840m Firmware
Geforce Gtx 845m Firmware
Geforce Gtx 850m Firmware
Geforce Gtx 860m Firmware
Geforce Gtx 950m Firmware
Geforce Gtx 960m Firmware
Quadro K620 Firmware
Quadro K1200 Firmware
Quadro K2200 Firmware
Quadro M1000m Firmware
Quadro M1200m Firmware
Grid M30 Firmware
Grid M40 Firmware
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Ubuntu Linux
Version 18.04
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Geforce Gtx 745 Firmware
All versions
Running on/withPlatform Versions
Nvidia
Geforce Gtx 745
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Geforce Gtx 750 Firmware
All versions
Running on/withPlatform Versions
Nvidia
Geforce Gtx 750
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Geforce Gtx 750 Ti Firmware
All versions
Running on/withPlatform Versions
Nvidia
Geforce Gtx 750 Ti
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Geforce Gtx 840m Firmware
All versions
Running on/withPlatform Versions
Nvidia
Geforce Gtx 840m
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Geforce Gtx 845m Firmware
All versions
Running on/withPlatform Versions
Nvidia
Geforce Gtx 845m
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Geforce Gtx 850m Firmware
All versions
Running on/withPlatform Versions
Nvidia
Geforce Gtx 850m
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Geforce Gtx 860m Firmware
All versions
Running on/withPlatform Versions
Nvidia
Geforce Gtx 860m
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Geforce Gtx 950m Firmware
All versions
Running on/withPlatform Versions
Nvidia
Geforce Gtx 950m
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Geforce Gtx 960m Firmware
All versions
Running on/withPlatform Versions
Nvidia
Geforce Gtx 960m
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Quadro K620 Firmware
All versions
Running on/withPlatform Versions
Nvidia
Quadro K620
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Quadro K1200 Firmware
All versions
Running on/withPlatform Versions
Nvidia
Quadro K1200
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Quadro K2200 Firmware
All versions
Running on/withPlatform Versions
Nvidia
Quadro K2200
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Quadro M1000m Firmware
All versions
Running on/withPlatform Versions
Nvidia
Quadro M1000m
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Quadro M1200m Firmware
All versions
Running on/withPlatform Versions
Nvidia
Quadro M1200m
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Grid M30 Firmware
All versions
Running on/withPlatform Versions
Nvidia
Grid M30
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Grid M40 Firmware
All versions
Running on/withPlatform Versions
Nvidia
Grid M40
All versions

Related CWEs

CWE-400
Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (2)

Source: talos-cna@cisco.com
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory

Timeline

No history available yet.