CVE-2019-5677

{"id": "CVE-2019-5677", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2019-05-10T21:29:00.647", "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4797", "tags": ["Vendor Advisory"], "source": "psirt@nvidia.com"}, {"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4797", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DeviceIoControl where the software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer, which may lead to denial of service."}, {"lang": "es", "value": "El software NVIDIA Windows GPU Display driver para Windows (todas las versiones) contiene una vulnerabilidad en el controlador de la capa de modo del n\u00facleo (nvlddmkm.sys) para DeviceIoControl, donde el software lee desde un b\u00fafer utilizando mecanismos de acceso al b\u00fafer como \u00edndices o punteros que hacen referencia a las ubicaciones de la memoria despu\u00e9s del b\u00fafer en cuesti\u00f3n, lo que puede provocar la denegaci\u00f3n de servicio."}], "lastModified": "2024-11-21T04:45:19.763", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "E8B2FE62-DA85-49FE-89B1-4AC71DCEC690"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@nvidia.com"}