CVE-2021-1117

{"id": "CVE-2021-1117", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 1.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "psirt@nvidia.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.0}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2021-10-27T21:15:07.553", "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5230", "tags": ["Vendor Advisory"], "source": "psirt@nvidia.com"}, {"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5230", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "psirt@nvidia.com", "description": [{"lang": "en", "value": "CWE-129"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-129"}]}], "descriptions": [{"lang": "en", "value": "Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an attacker through specific configuration and with local unprivileged system access may cause improper input validation, which may lead to denial of service."}, {"lang": "es", "value": "Windows contiene una vulnerabilidad en el manejador de la capa de modo de kernel (nvlddmkm.sys) para DxgkDdiEscape, donde un atacante mediante una configuraci\u00f3n espec\u00edfica y con acceso local no privilegiado al sistema puede causar una comprobaci\u00f3n inapropiada de la entrada, lo que puede conllevar a una denegaci\u00f3n de servicio"}], "lastModified": "2024-11-21T05:43:37.857", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "C5978F56-05D4-4292-86EA-12479B022DFE", "versionEndExcluding": "392.68", "versionStartIncluding": "390"}, {"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "96422D54-0F78-4683-8A67-B2DF7BAA4EF8", "versionEndExcluding": "463.15", "versionStartIncluding": "460"}, {"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "AA5F4D02-CC80-4CAE-A2C3-135A710AC22E", "versionEndExcluding": "472.39", "versionStartIncluding": "470"}, {"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "8E8E59DB-063B-4BF5-92C1-AC78D59BB6D0", "versionEndExcluding": "496.49", "versionStartIncluding": "495"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@nvidia.com"}