CVE-2017-0334

MEDIUM

NVIDIA GPU Driver for Android Kernel-3.18 - Information Disclosure via Local Application

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-0334. PoCs published by codecat007.

AI-analyzed exploit summary This PoC exploits CVE-2017-0334, an information leak vulnerability in the NVIDIA Tegra DRM driver. It opens a DRM device and uses a crafted IOCTL call to leak a kernel pointer, demonstrating the vulnerability.

Description

An information disclosure vulnerability in the NVIDIA GPU driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: Kernel-3.18. Android ID: A-33245849. References: N-CVE-2017-0334.

Exploits (1)

github WORKING POC 8 stars
by codecat007 · cpoc
https://github.com/codecat007/cvehub/tree/main/android/securityPatch/CVE-2017-0334

This PoC exploits CVE-2017-0334, an information leak vulnerability in the NVIDIA Tegra DRM driver. It opens a DRM device and uses a crafted IOCTL call to leak a kernel pointer, demonstrating the vulnerability.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: NVIDIA Tegra DRM driver (Android kernel)
No auth needed
Prerequisites: Access to the target device's /dev/dri/renderD129
devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1037968
Patch, Vendor Advisory x_refsource_confirm
https://source.android.com/security/bulletin/2017-03-01.html

Scores

CVSS v3 5.5
EPSS 0.0023
EPSS Percentile 45.7%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (2)
linux/linux_kernel 3.18
Nvidia Corporation/Android Kernel-3.18
Published Mar 08, 2017
Tracked Since Feb 18, 2026