CVE-2016-7387

HIGH

NVIDIA GPU Driver R340 < 342.00 and R375 < 375.63 - Denial of Service or Privilege Escalation via DxgDdiEscape Handler

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-7387. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit targets a kernel memory corruption vulnerability in the NVIDIA driver (DxgkDdiEscape handler) by passing an unchecked user-provided pointer to a memcpy call, leading to a SYSTEM_SERVICE_EXCEPTION crash. The PoC requires compilation as a x64 binary using the WDK for D3DKMTEscape.

Description

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x600000D where a value passed from a user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Google Security Research · textdoswindows
https://www.exploit-db.com/exploits/40659

This exploit targets a kernel memory corruption vulnerability in the NVIDIA driver (DxgkDdiEscape handler) by passing an unchecked user-provided pointer to a memcpy call, leading to a SYSTEM_SERVICE_EXCEPTION crash. The PoC requires compilation as a x64 binary using the WDK for D3DKMTEscape.

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: NVIDIA driver (nvlddmkm.sys) on Windows 10 x64 (version 372.54)
No auth needed
Prerequisites: Windows 10 x64 with NVIDIA driver version 372.54 · WDK for D3DKMTEscape compilation
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/40659/
Third Party Advisory x_refsource_confirm
https://support.lenovo.com/us/en/solutions/LEN-10822
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/93985
Patch, Vendor Advisory x_refsource_confirm
http://nvidia.custhelp.com/app/answers/detail/a_id/4247

Scores

CVSS v3 7.8
EPSS 0.0150
EPSS Percentile 70.8%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-264
Status published
Products (2)
n/a/Quadro, NVS, and GeForce (all versions) Quadro, NVS, and GeForce (all versions)
nvidia/gpu_driver 340 - 342.00
Published Nov 08, 2016
Tracked Since Feb 18, 2026