Main Vulnerability Database SB2016110128

SB2016110128 - Denial of service in nVidia NVS

Published: November 1, 2016

Security Bulletin ID SB2016110128

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Denial of service (CVE-ID: CVE-2016-8812)

The vulnerability allows a local user to cause D0S condition or obtain elevated privileges on the target system.
The weakness exists in the kernel mode layer (nvstreamkms.sys). By specially crafted executable paths a local attacker can trigger a stack buffer overflow, leading to a denial of service or escalation of privileges.
Successful exploitation of the vulnerability may result in denial of service or privilege escalation.

Remediation

Install update from vendor's website.

References

http://nvidia.custhelp.com/app/answers/detail/a_id/4247