CVE-2016-2557
Published on: 04/12/2016 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:27:15 PM UTC
Certain versions of Windows from Microsoft contain the following vulnerability:
The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information from kernel memory, cause a denial of service (crash), or possibly gain privileges via unspecified vectors, which trigger uninitialized or out-of-bounds memory access.
- CVE-2016-2557 has been assigned by
[email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 8.4 - HIGH
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|
---|---|---|---|---|
LOCAL | LOW | NONE | NONE | |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
|
UNCHANGED | HIGH | HIGH | HIGH |
CVSS2 Score: 7.2 - HIGH
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
LOCAL | LOW | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
COMPLETE | COMPLETE | COMPLETE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
NVIDIA GPU Kernel Driver Escape - US | support.lenovo.com text/html |
![]() |
CVE-2016-2557: Kernel driver escape privileged memory access | Vendor Advisory nvidia.custhelp.com text/html |
![]() |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Operating System | Microsoft | Windows | All | All | All | All |
Operating System | Microsoft | Windows | All | All | All | All |
Application | Nvidia | R340 | 431.61 | All | All | All |
Application | Nvidia | R340 | 431.61 | All | All | All |
Application | Nvidia | R352 | 353.82 | All | All | All |
Application | Nvidia | R352 | 353.82 | All | All | All |
- cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*:
- cpe:2.3:a:nvidia:r340:431.61:*:*:*:*:*:*:*:
- cpe:2.3:a:nvidia:r340:431.61:*:*:*:*:*:*:*:
- cpe:2.3:a:nvidia:r352:353.82:*:*:*:*:*:*:*:
- cpe:2.3:a:nvidia:r352:353.82:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE