CVE-2019-5666

2019-02-28 00:29:00 2019-05-09 23:29:07

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) create context command DDI DxgkDdiCreateContext in which the product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array, which may lead to denial of service or escalation of privileges.

Vector

LOCAL

Complexity

LOW

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Nvidia Gpu driver - (not an official CPE)

Nvidia - Gpu driver

Advisory	Patch	Confirmed	Link
			https://nvidia.custhelp.com/app/answers/detail/a_id/4772
			http://support.lenovo.com/us/en/solutions/LEN-26250
			https://nvidia.custhelp.com/app/answers/detail/a_id/4797

CVE-2019-5666

2019-02-28 00:29:00 2019-05-09 23:29:07

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Improper Validation of Array Index (ID 129)