Vulnerability Description
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) implementation of the SubmitCommandVirtual DDI (DxgkDdiSubmitCommandVirtual) where untrusted input is used to reference memory outside of the intended boundary of the buffer leading to denial of service or escalation of privileges.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nvidia | Gpu Driver | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- http://nvidia.custhelp.com/app/answers/detail/a_id/4398Vendor Advisory
- https://www.exploit-db.com/exploits/41365/
- http://nvidia.custhelp.com/app/answers/detail/a_id/4398Vendor Advisory
- https://www.exploit-db.com/exploits/41365/
FAQ
What is CVE-2017-0313?
CVE-2017-0313 is a vulnerability with a CVSS score of 7.8 (HIGH). All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) implementation of the SubmitCommandVirtual DDI (DxgkDdiSubmitCommandVirtual) where unt...
How severe is CVE-2017-0313?
CVE-2017-0313 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-0313?
Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Gpu Driver, Microsoft Windows.