Vulnerability Details : CVE-2016-2556
The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows improperly allows access to restricted functionality, which allows local users to gain privileges via unspecified vectors.
Products affected by CVE-2016-2556
- cpe:2.3:a:nvidia:gpu_driver_r340:*:*:*:*:*:*:*:*
- cpe:2.3:a:nvidia:gpu_driver_r352:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-2556
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 9 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-2556
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST | |
|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2016-2556
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-2556
-
http://nvidia.custhelp.com/app/answers/detail/a_id/4059
Security Bulletin: CVE-2016-2556: Kernel driver escape can allow access to restricted functionality | NVIDIAVendor Advisory
-
https://support.lenovo.com/us/en/product_security/len_5551
NVIDIA GPU Kernel Driver Escape - USThird Party Advisory
Jump to