CVE-2015-5950
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
30/09/2015
Last modified:
12/04/2025
Description
The NVIDIA display driver R352 before 353.82 and R340 before 341.81 on Windows; R304 before 304.128, R340 before 340.93, and R352 before 352.41 on Linux; and R352 before 352.46 on GRID vGPU and vSGA allows local users to write to an arbitrary kernel memory location and consequently gain privileges via a crafted ioctl call.
Impact
Base Score 2.0
6.90
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:* | 352.30 (including) | |
| cpe:2.3:a:nvidia:display_driver:*:*:*:*:*:linux:*:* | 352.09 (including) | |
| cpe:2.3:a:nvidia:display_driver:304.108:*:*:*:*:linux:*:* | ||
| cpe:2.3:a:nvidia:display_driver:304.119:*:*:*:*:linux:*:* | ||
| cpe:2.3:a:nvidia:display_driver:304.121:*:*:*:*:linux:*:* | ||
| cpe:2.3:a:nvidia:display_driver:304.123:*:*:*:*:linux:*:* | ||
| cpe:2.3:a:nvidia:display_driver:304.125:*:*:*:*:linux:*:* | ||
| cpe:2.3:a:nvidia:display_driver:352.21:*:*:*:*:linux:*:* | ||
| cpe:2.3:a:nvidia:display_driver:352.30:*:*:*:*:linux:*:* | ||
| cpe:2.3:a:nvidia:display_driver:*:*:*:*:*:*:*:* | 352.86 (including) | |
| cpe:2.3:a:nvidia:display_driver:340.43:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nvidia:display_driver:340.52:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nvidia:display_driver:341.44:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nvidia:display_driver:353.06:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://nvidia.custhelp.com/app/answers/detail/a_id/3763/~/cve-2015-5950-memory-corruption-due-to-an-unsanitized-pointer-in-the-nvidia
- http://www.securitytracker.com/id/1033662
- http://www.ubuntu.com/usn/USN-2747-1
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04815468
- https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04815468
- https://support.lenovo.com/us/en/product_security/len_3313
- http://nvidia.custhelp.com/app/answers/detail/a_id/3763/~/cve-2015-5950-memory-corruption-due-to-an-unsanitized-pointer-in-the-nvidia
- http://www.securitytracker.com/id/1033662
- http://www.ubuntu.com/usn/USN-2747-1
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04815468
- https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04815468
- https://support.lenovo.com/us/en/product_security/len_3313