CVE-2017-0313

HIGH

NVIDIA Windows GPU Display Driver - Denial of Service or Privilege Escalation via SubmitCommandVirtual DDI

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-0313. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit targets a memory corruption vulnerability in NVIDIA's GPU driver (CVE-2017-0313) due to improper bounds checking in the DxgkDdiSubmitCommandVirtual function. The PoC demonstrates arbitrary memory corruption via a controlled memcpy operation, leading to a crash (PAGE_FAULT_IN_NONPAGED_AREA).

Description

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) implementation of the SubmitCommandVirtual DDI (DxgkDdiSubmitCommandVirtual) where untrusted input is used to reference memory outside of the intended boundary of the buffer leading to denial of service or escalation of privileges.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Google Security Research · textdoswindows
https://www.exploit-db.com/exploits/41365

This exploit targets a memory corruption vulnerability in NVIDIA's GPU driver (CVE-2017-0313) due to improper bounds checking in the DxgkDdiSubmitCommandVirtual function. The PoC demonstrates arbitrary memory corruption via a controlled memcpy operation, leading to a crash (PAGE_FAULT_IN_NONPAGED_AREA).

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: NVIDIA GPU driver version 375.95
No auth needed
Prerequisites: Access to the target system with the vulnerable NVIDIA driver installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
http://nvidia.custhelp.com/app/answers/detail/a_id/4398
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/41365/

Scores

CVSS v3 7.8
EPSS 0.0157
EPSS Percentile 72.2%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (2)
nvidia/gpu_driver
Nvidia Corporation/Windows GPU Display Driver All
Published Feb 15, 2017
Tracked Since Feb 18, 2026