Description

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.

Related CPE's

a

nvidia

gpu_display_driver

6

o

debian

debian_linux

9.0

Vulnerable

References

https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html

Mailing ListThird Party Advisory

https://nvidia.custhelp.com/app/answers/detail/a_id/5211

PatchVendor Advisory

https://security.gentoo.org/glsa/202310-02

Third Party Advisory

Weaknesses

[email protected]

Primary
CWE-404

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.5 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-07-22T05:15:07.937

3 years ago

Last modified

2023-10-13T01:43:55.217

1 year ago