CVE-2021-1076

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2021-1076
NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys or nvidia.ko) where improper access control may lead to denial of service, information disclosure, or data corruption.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.6 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html Mailing List Third Party Advisory
https://nvidia.custhelp.com/app/answers/detail/a_id/5172 Vendor Advisory
https://security.gentoo.org/glsa/202310-02 Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
History

12 Jul 2022, 17:42

Type Values Removed Values Added
CWE CWE-863 NVD-CWE-Other

29 Mar 2022, 18:05

Type Values Removed Values Added
CPE cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
References (MLIST) https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html - (MLIST) https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html - Mailing List, Third Party Advisory

18 Jan 2022, 23:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2022/01/msg00013.html -
Information

Published : 2021-04-21 23:15

Updated : 2024-02-04 21:47

NVD link : CVE-2021-1076

Mitre link : CVE-2021-1076

CVE.ORG link : CVE-2021-1076

JSON object : View

Products Affected

debian

  • debian_linux

nvidia

  • gpu_display_driver
CWE
NVD-CWE-Other