Vulnerability CVE-2021-1117


Published: 2021-10-27   Modified: 2021-10-28

Description:
Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an attacker through specific configuration and with local unprivileged system access may cause improper input validation, which may lead to denial of service.

Type:

CWE-129

(Improper Validation of Array Index)

CVSS2 => (AV:L/AC:M/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
1.9/10
2.9/10
3.4/10
Exploit range
Attack complexity
Authentication
Local
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
Nvidia -> Gpu display driver 

 References:
https://nvidia.custhelp.com/app/answers/detail/a_id/5230

Copyright 2022, cxsecurity.com

 

Back to Top