PT-2017-1996 · Nvidia · Nvidia Video Driver

Natecray

Publicado

2017-05-02

Atualizado

2019-10-03

CVE-2017-0331

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions NVIDIA video driver versions prior to the fixed version

Description The issue is related to insufficient access control in the NVIDIA video driver for the Android operating system. It allows a remote attacker to execute arbitrary code within the context of the kernel. This could lead to a local permanent device compromise, requiring reflashing the operating system to repair the device.

Recommendations For versions prior to the fixed version, consider restricting access to the kernel until a patch is available. As a temporary workaround, avoid using the NVIDIA video driver until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Time Of Check To Time Of Use

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264CWE-367

Identificadores relacionados

BDU:2017-01161

CVE-2017-0331

Produtos afetados

Nvidia Video Driver

PT-2017-1996 · Nvidia · Nvidia Video Driver

CVE-2017-0331

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6