Description
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- NVIDIA / GeForceAll driver versions prior to 591.59 – All driver versions prior to 591.59
- NVIDIA / Guest driver539.56(All versions prior to and including vGPU software 16.12) – 539.56(All versions prior to and including vGPU software 16.12)
- NVIDIA / Guest driver581.80(All versions prior to and including vGPU software 19.3) – 581.80(All versions prior to and including vGPU software 19.3)
- NVIDIA / Guest driver573.76(All versions prior to and including vGPU software 18.5) – 573.76(All versions prior to and including vGPU software 18.5)
- NVIDIA / RTX PRO, RTX, QuadroAll driver versions prior to 539.64 – All driver versions prior to 539.64
- NVIDIA / RTX PRO, RTX, QuadroAll driver versions prior to 591.59 – All driver versions prior to 591.59
- NVIDIA / RTX PRO, RTX, QuadroAll driver versions prior to 582.16 – All driver versions prior to 582.16
- NVIDIA / RTX PRO, RTX, QuadroAll driver versions prior to 573.96 – All driver versions prior to 573.96
- NVIDIA / TeslaAll driver versions prior to 539.64 – All driver versions prior to 539.64
- NVIDIA / TeslaAll driver versions prior to 591.59 – All driver versions prior to 591.59
- NVIDIA / TeslaAll driver versions prior to 582.16 – All driver versions prior to 582.16
- NVIDIA / TeslaAll driver versions prior to 573.91 – All driver versions prior to 573.91