{"api_version":"1","generated_at":"2026-04-23T05:14:40+00:00","cve":"CVE-2021-1093","urls":{"html":"https://cve.report/CVE-2021-1093","api":"https://cve.report/api/cve/CVE-2021-1093.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-1093","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-1093"},"summary":{"title":"CVE-2021-1093","description":"NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.","state":"PUBLIC","assigner":"psirt@nvidia.com","published_at":"2021-07-22 05:15:00","updated_at":"2023-10-13 01:43:00"},"problem_types":["CWE-404"],"metrics":[],"references":[{"url":"https://security.gentoo.org/glsa/202310-02","name":"GLSA-202310-02","refsource":"GENTOO","tags":[],"title":"NVIDIA Drivers: Multiple Vulnerabilities (GLSA 202310-02) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html","name":"[debian-lts-announce] 20220118 [SECURITY] [DLA 2888-1] nvidia-graphics-drivers security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 2888-1] nvidia-graphics-drivers security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5211","name":"https://nvidia.custhelp.com/app/answers/detail/a_id/5211","refsource":"CONFIRM","tags":[],"title":"Security Bulletin: NVIDIA GPU Display Drivers - July 2021 | NVIDIA","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-1093","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-1093","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"1093","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"1093","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"nvidia","cpe5":"gpu_display_driver","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"linux","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"1093","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"nvidia","cpe5":"gpu_display_driver","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"windows","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-1093","qid":"179010","title":"Debian Security Update for nvidia-graphics-drivers (DLA 2888-1)"},{"cve":"CVE-2021-1093","qid":"180812","title":"Debian Security Update for nvidia-graphics-drivers (CVE-2021-1093)"},{"cve":"CVE-2021-1093","qid":"198439","title":"Ubuntu Security Notification for NVIDIA graphics drivers vulnerabilities (USN-5019-1)"},{"cve":"CVE-2021-1093","qid":"710762","title":"Gentoo Linux NVIDIA Drivers Multiple Vulnerabilities (GLSA 202310-02)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"psirt@nvidia.com","ID":"CVE-2021-1093","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"NVIDIA GPU Display Driver","version":{"version_data":[{"version_value":"All GPU Driver versions"}]}}]},"vendor_name":"NVIDIA"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":6.2,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"denial of service"}]}]},"references":{"reference_data":[{"name":"https://nvidia.custhelp.com/app/answers/detail/a_id/5211","refsource":"CONFIRM","url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5211"},{"refsource":"MLIST","name":"[debian-lts-announce] 20220118 [SECURITY] [DLA 2888-1] nvidia-graphics-drivers security update","url":"https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html"},{"refsource":"GENTOO","name":"GLSA-202310-02","url":"https://security.gentoo.org/glsa/202310-02"}]},"source":{"discovery":"UNKNOWN"}},"nvd":{"publishedDate":"2021-07-22 05:15:00","lastModifiedDate":"2023-10-13 01:43:00","problem_types":["CWE-404"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":5.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.8,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:N/A:C","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE","baseScore":4.9},"severity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*","versionStartIncluding":"427.33","versionEndExcluding":"427.48","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*","versionStartIncluding":"452.96","versionEndExcluding":"453.10","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*","versionStartIncluding":"462.31","versionEndExcluding":"462.96","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*","versionStartIncluding":"418.197.02","versionEndExcluding":"418.211.00","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*","versionStartIncluding":"450.119.03","versionEndExcluding":"450.142.00","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*","versionStartIncluding":"460.73.01","versionEndExcluding":"460.91.03","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"1093","Ordinal":"191106","Title":"CVE-2021-1093","CVE":"CVE-2021-1093","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"1093","Ordinal":"1","NoteData":"NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"1093","Ordinal":"2","NoteData":"2021-07-22","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"1093","Ordinal":"3","NoteData":"2022-01-18","Type":"Other","Title":"Modified"}]}}}