PT-2020-7172 · Nvidia · Nvidia Linux Driver

Kees Cook

Published

2020-05-08

Updated

2020-05-18

CVE-2012-0952

CVSS v3.1

5.0

Medium

Vector

AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Nvidia Linux driver versions prior to 295.53

Description A heap buffer overflow was discovered in the device control ioctl in the Linux driver for Nvidia graphics cards, which may allow an attacker to overflow 49 bytes.

Recommendations For versions prior to 295.53, update to version 295.53 or later to resolve the issue. As a temporary workaround, consider restricting access to the device control ioctl until a patch is available.

Exploit

Fix

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-787

Related Identifiers

CVE-2012-0952

Affected Products

Nvidia Linux Driver

PT-2020-7172 · Nvidia · Nvidia Linux Driver

CVE-2012-0952

Weakness Enumeration

Related Identifiers

Affected Products

References · 6