CVE-2021-1053

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: NVIDIA GPU Display Driver for Windows and Linux, all versions

Description: The issue is related to improper validation of a user pointer in the kernel mode layer handler for DxgkDdiEscape or IOCTL, which may lead to denial of service. The vulnerability is located in the nvlddmkm.sys handler.

Recommendations: For all versions, consider restricting access to the nvlddmkm.sys handler until a patch is available. As a temporary workaround, disabling the DxgkDdiEscape or IOCTL handler may minimize the risk of exploitation. However, specific guidance on how to resolve the issue is not provided, and at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2021-01761

CVE-2021-1053

MGASA-2021-0026

MGASA-2021-0029

USN-4689-1

USN-4689-2

USN-4689-3

USN-4689-4

Affected Products

Linuxmint

Nvidia Gpu Display Driver

Ubuntu

CVE-2021-1053

Weakness Enumeration

Related Identifiers

Affected Products

References · 31