← back
CVE-2016-8807

CVE-2016-8807

EPSS 1.7%
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x10000e9 where a value is passed from an user to the driver is used without validation as the size input to memcpy() causing a stack buffer overflow, leading to denial of service or potential escalation of privileges.
Affected products
n/a · Quadro, NVS, and GeForce (all versions)
public PoCs found2
cve_referencewww.exploit-db.com/exploits/40668/unverifiedexploitdbwww.exploit-db.com/exploits/40668unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://nvidia.custhelp.com/app/answers/detail/a_id/4247https://support.lenovo.com/us/en/solutions/LEN-10822https://www.exploit-db.com/exploits/40668/http://www.securityfocus.com/bid/94002