CVE-2021-1093
Severity CVSS v4.0:
Pending analysis
Type:
CWE-404
Improper Resource Shutdown or Release
Publication date:
22/07/2021
Last modified:
13/10/2023
Description
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Base Score 2.0
4.90
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:* | 418.197.02 (including) | 418.211.00 (excluding) |
| cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:* | 427.33 (including) | 427.48 (excluding) |
| cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:* | 450.119.03 (including) | 450.142.00 (excluding) |
| cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:* | 452.96 (including) | 453.10 (excluding) |
| cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:* | 460.73.01 (including) | 460.91.03 (excluding) |
| cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:* | 462.31 (including) | 462.96 (excluding) |
| cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page