CVE-2016-8806
HIGHNVIDIA Windows GPU Display Driver and R375 before 375.63 <342.00-375.63 - Privilege Escalation
Title source: llmDescription
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x5000027 where a pointer passed from an user to the driver is used without validation, leading to denial of service or potential escalation of privileges.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Google Security Research · textdoswindows
https://www.exploit-db.com/exploits/40663
References (4)
Core 4
Core References
Third Party Advisory x_refsource_confirm
https://support.lenovo.com/us/en/solutions/LEN-10822
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/93990
Patch, Vendor Advisory x_refsource_confirm
http://nvidia.custhelp.com/app/answers/detail/a_id/4247
Third Party Advisory, VDB Entry exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/40663/
Scores
CVSS v3
7.8
EPSS
0.0038
EPSS Percentile
59.5%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-264
Status
published
Products (2)
n/a/Quadro, NVS, and GeForce (all versions)
Quadro, NVS, and GeForce (all versions)
nvidia/gpu_driver
340 - 342.00
Published
Nov 08, 2016
Tracked Since
Feb 18, 2026