CVE-2016-8805
HIGHNVIDIA Windows GPU Display Driver - Privilege Escalation
Title source: llmDescription
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x7000014 where a value passed from an user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Google Security Research · textdoswindows
https://www.exploit-db.com/exploits/40667
References (4)
Core 4
Core References
Third Party Advisory x_refsource_confirm
https://support.lenovo.com/us/en/solutions/LEN-10822
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/94001
Patch, Vendor Advisory x_refsource_confirm
http://nvidia.custhelp.com/app/answers/detail/a_id/4247
Third Party Advisory, VDB Entry exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/40667/
Scores
CVSS v3
7.8
EPSS
0.0039
EPSS Percentile
60.3%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-264
Status
published
Products (2)
n/a/Quadro, NVS, and GeForce (all versions)
Quadro, NVS, and GeForce (all versions)
nvidia/gpu_driver
340 - 342.00
Published
Nov 08, 2016
Tracked Since
Feb 18, 2026