CVE-2021-1054

Published: Jan 8, 2021Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action, which may lead to denial of service.

Affected (4)

Products: Nvidia: Gpu Driver

1 product

Configuration A

4 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nvidia Gpu Driver	From 390 to 392.63
Nvidia Gpu Driver	From 418 to 427.11
Nvidia Gpu Driver	From 450 to 452.77
Nvidia Gpu Driver	From 460 to 461.09

Running on/with	Platform Versions
Microsoft Windows	All versions

Related CWEs

Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References (2)

https://nvidia.custhelp.com/app/answers/detail/a_id/5142

Source: psirt@nvidia.com

Vendor Advisory

https://nvidia.custhelp.com/app/answers/detail/a_id/5142

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.