Description
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.
References (3)
Core 3
Core References
Mailing List, Third Party Advisory mailing-list
https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202310-02
Patch, Vendor Advisory
https://nvidia.custhelp.com/app/answers/detail/a_id/5211
Scores
CVSS v3
6.2
EPSS
0.0008
EPSS Percentile
22.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-404
Status
published
Products (3)
debian/debian_linux
9.0
nvidia/gpu_display_driver
418.197.02 - 418.211.00
nvidia/gpu_display_driver
427.33 - 427.48
Published
Jul 22, 2021
Tracked Since
Feb 18, 2026