CVE-2017-0312

HIGH

NVIDIA Windows GPU Display Driver - Denial of Service or Privilege Escalation via DxgkDdiEscapeID 0x100008b

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-0312. PoCs published by Google Security Research.

AI-analyzed exploit summary The exploit targets a vulnerability in the NVIDIA GPU driver (DxgkDdiEscape handler) where a user-supplied size (0x41414141) leads to an out-of-bounds read/write, causing a crash. The PoC demonstrates the flaw by triggering a crash in the driver.

Description

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscapeID 0x100008b where user provided input is used as the limit for a loop may lead to denial of service or potential escalation of privileges

Exploits (1)

exploitdb WORKING POC VERIFIED
by Google Security Research · textdoswindows
https://www.exploit-db.com/exploits/41364

The exploit targets a vulnerability in the NVIDIA GPU driver (DxgkDdiEscape handler) where a user-supplied size (0x41414141) leads to an out-of-bounds read/write, causing a crash. The PoC demonstrates the flaw by triggering a crash in the driver.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: NVIDIA GPU driver version 375.70
No auth needed
Prerequisites: Access to a system with the vulnerable NVIDIA GPU driver
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
http://nvidia.custhelp.com/app/answers/detail/a_id/4398
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/41364/

Scores

CVSS v3 7.8
EPSS 0.0145
EPSS Percentile 69.9%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-20
Status published
Products (2)
nvidia/gpu_driver
Nvidia Corporation/Windows GPU Display Driver All
Published Feb 15, 2017
Tracked Since Feb 18, 2026