7.8

CVE-2016-7389

EPSS 0.04%
Veröffentlicht 08.11.2016 20:59:15
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle psirt@nvidia.com
CVE-Watchlists
Login
Unerledigt
Login

For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver on Linux R304 before 304.132, R340 before 340.98, R367 before 367.55, R361_93 before 361.93.03, and R370 before 370.28 contains a vulnerability in the kernel mode layer (nvidia.ko) handler for mmap() where improper input validation may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Nvidia ≫ Gpu Driver Version304.79

Linux ≫ Linux Kernel

Nvidia ≫ Gpu Driver Version340.52

Linux ≫ Linux Kernel

Nvidia ≫ Gpu Driver Version361.91

Linux ≫ Linux Kernel

Nvidia ≫ Gpu Driver Version365.19

Linux ≫ Linux Kernel

Nvidia ≫ Gpu Driver Version368.81

Linux ≫ Linux Kernel

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.102

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://nvidia.custhelp.com/app/answers/detail/a_id/4246

Patch

Vendor Advisory

http://www.securityfocus.com/bid/94177

https://nvd.nist.gov/vuln/detail/CVE-2016-7389

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-7389

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-7389

EUVD