CVE-2016-5025
medium
CVSS v3
6.6
CVSS v2
6.1
VIR risk
6.6
Description
For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.
Predictions
Exploit likelihood
65%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: psirt@nvidia.com — http://nvidia.custhelp.com/app/answers/detail/a_id/4213
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| nvidia | gpu_driver | {"startIncluding":"340","endExcluding":"341.96"} | 341.96 |
References
- http://nvidia.custhelp.com/app/answers/detail/a_id/4213
- http://www.securityfocus.com/bid/93251
- https://support.lenovo.com/us/en/product_security/ps500070
- http://nvidia.custhelp.com/app/answers/detail/a_id/4213
- http://www.securityfocus.com/bid/93251
- https://support.lenovo.com/us/en/product_security/ps500070
CWEs
CWE-20
Verify integrity in audit chain (admin only). AS-IS.