NVIDIA Windows GPU Display Driver における境界外読み取りに関する脆弱性
| Title |
NVIDIA Windows GPU Display Driver における境界外読み取りに関する脆弱性
|
| Summary |
NVIDIA Windows GPU Display Driver には、境界外読み取りに関する脆弱性が存在します。
|
| Possible impacts |
情報を取得される、情報を改ざんされる、およびサービス運用妨害 (DoS) 状態にされる可能性があります。 |
| Solution |
ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。 |
| Publication Date |
March 28, 2018, midnight |
| Registration Date |
June 7, 2018, 12:22 p.m. |
| Last Update |
June 7, 2018, 12:22 p.m. |
|
CVSS3.0 : 重要
|
| Score |
8.8
|
| Vector |
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
|
CVSS2.0 : 危険
|
| Score |
7.2
|
| Vector |
AV:L/AC:L/Au:N/C:C/I:C/A:C |
Affected System
| NVIDIA |
|
NVIDIA GPU ディスプレイドライバ
|
CVE (情報セキュリティ 共通脆弱性識別子)
CWE (共通脆弱性タイプ一覧)
ベンダー情報
Change Log
| No |
Changed Details |
Date of change |
| 1 |
[2018年06月07日]
掲載 |
June 7, 2018, 12:22 p.m. |
NVD Vulnerability Information
CVE-2018-6248
| Summary |
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape where the software uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer which may lead to denial of service or possible escalation of privileges.
|
| Publication Date |
April 3, 2018, 1:29 a.m. |
| Registration Date |
March 1, 2021, 7:34 p.m. |
| Last Update |
Nov. 21, 2024, 1:10 p.m. |
Affected software configurations
| Configuration1 |
or higher |
or less |
more than |
less than |
| cpe:2.3:a:nvidia:gpu_driver:-:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
Related information, measures and tools
Common Vulnerabilities List