Thierry Doré

**Name of the Vulnerable Software and Affected Versions** NVIDIA GPU Display Driver for Windows (affected versions not specified) **Description** The issue is related to a failure to properly validate data in the kernel mode layer handler for DxgkDdiEscape, which might allow an attacker with basic user capabilities to cause an out-of-bounds access in kernel mode. This could potentially lead to denial of service, information disclosure, escalation of privileges, or data tampering. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NVIDIA GPU Display Driver for Windows (affected versions not specified) **Description** The issue is related to a local user with basic capabilities being able to cause an out-of-bounds read in the kernel mode layer handler for DxgkDdiEscape. This may lead to a system crash or a leak of internal kernel information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NVIDIA GPU Display Driver for Windows (affected versions not specified) **Description** The issue is related to an out-of-bounds read in the kernel mode layer, specifically in the nvlddmkm.sys file. A local user with basic capabilities can exploit this, potentially leading to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NVIDIA GPU Display Driver for Windows (affected versions not specified) **Description** The issue is related to a local user with basic capabilities being able to cause an out-of-bounds read in the kernel mode layer handler for DxgkDdiEscape, potentially leading to denial of service or information disclosure. This is due to a buffer overflow in memory, which can be exploited to cause service disruption or unauthorized access to protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.