10

CVE-2015-5053

EPSS 0.52%
Published 24.11.2015 20:59:02
Last modified 12.04.2025 10:46:40
Source cve@mitre.org
Teams watchlist Login
Open Login

The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict access to third-party device IO memory, which allows attackers to gain privileges, cause a denial of service (resource consumption), or possibly have unspecified other impact via unknown vectors related to the follow_pfn kernel-mode API call.

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Nvidia ≫ Gpu Driver Version346.16

Nvidia ≫ Gpu Driver Version346.22

Nvidia ≫ Gpu Driver Version346.35

Nvidia ≫ Gpu Driver Version346.47

Nvidia ≫ Gpu Driver Version346.59

Nvidia ≫ Gpu Driver Version346.72

Nvidia ≫ Gpu Driver Version346.82

Nvidia ≫ Gpu Driver Version352.09

Nvidia ≫ Gpu Driver Version352.21

Nvidia ≫ Gpu Driver Version352.30

Nvidia ≫ Gpu Driver Version352.41

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.52%	0.641

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

http://nvidia.custhelp.com/app/answers/detail/a_id/3802

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2015-5053

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-5053

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-5053

EUVD