CVE-2017-6271

{"id": "CVE-2017-6271", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2017-09-22T17:29:00.383", "references": [{"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4544", "tags": ["Vendor Advisory"], "source": "psirt@nvidia.com"}, {"url": "http://www.securityfocus.com/bid/101001", "tags": ["Third Party Advisory", "VDB Entry"], "source": "psirt@nvidia.com"}, {"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4544", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/101001", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-369"}]}], "descriptions": [{"lang": "en", "value": "NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiCreateAllocation where untrusted user input is used as a divisor without validation while processing block linear information which may lead to a potential divide by zero and denial of service."}, {"lang": "es", "value": "NVIDIA Windows GPU Display Driver contiene una vulnerabilidad en el controlador de capas del modo kernel para DxgkDdiCreateAllocation, en donde las entradas de usuario no confiables se emplean como divisor sin validaci\u00f3n mientras se procesa informaci\u00f3n lineal en bloque, lo que podr\u00eda conducir a una potencial divisi\u00f3n entre cero y una denegaci\u00f3n de servicio."}], "lastModified": "2024-11-21T03:29:24.183", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:gpu_driver:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F6B8C06-F379-49FB-B0F2-097752154708"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@nvidia.com"}