CVE-2017-6256

HIGH

NVIDIA Windows GPU Display Driver - Denial of Service or Privilege Escalation via DxgkDdiEscape Handler

Title source: llm
STIX 2.1

Description

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a value passed from a user to the driver is not correctly validated and used as the index to an array which may lead to denial of service or potential escalation of privileges.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
http://nvidia.custhelp.com/app/answers/detail/a_id/4525

Scores

CVSS v3 7.8
EPSS 0.0005
EPSS Percentile 16.9%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-20
Status published
Products (2)
nvidia/gpu_driver
Nvidia Corporation/NVIDIA Windows GPU Display Driver All
Published Jul 28, 2017
Tracked Since Feb 18, 2026