CVE-2021-1090

Severity CVSS v4.0:
Pending analysis
Type:
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Publication date:
22/07/2021
Last modified:
13/10/2023

Description

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for control calls where the software reads or writes to a buffer by using an index or pointer that references a memory location after the end of the buffer, which may lead to data tampering or denial of service.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:* 427.33 (including) 427.48 (excluding)
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:* 452.96 (including) 453.10 (excluding)
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:* 462.31 (including) 462.96 (excluding)