From 8201b29ce5239cc3077b61eaca0320ec4086aadc Mon Sep 17 00:00:00 2001 From: PSIRT-NVIDIA Date: Wed, 21 Jul 2021 23:19:10 -0500 Subject: [PATCH] GPU_CVEs_July_2021 GPU_CVEs_July_2021 --- 2021/1xxx/CVE-2021-1089.json | 78 +++++++++++++++++++++++++++++++++--- 2021/1xxx/CVE-2021-1090.json | 78 +++++++++++++++++++++++++++++++++--- 2021/1xxx/CVE-2021-1091.json | 78 +++++++++++++++++++++++++++++++++--- 2021/1xxx/CVE-2021-1092.json | 78 +++++++++++++++++++++++++++++++++--- 2021/1xxx/CVE-2021-1093.json | 78 +++++++++++++++++++++++++++++++++--- 2021/1xxx/CVE-2021-1094.json | 78 +++++++++++++++++++++++++++++++++--- 2021/1xxx/CVE-2021-1095.json | 78 +++++++++++++++++++++++++++++++++--- 2021/1xxx/CVE-2021-1096.json | 78 +++++++++++++++++++++++++++++++++--- 8 files changed, 576 insertions(+), 48 deletions(-) diff --git a/2021/1xxx/CVE-2021-1089.json b/2021/1xxx/CVE-2021-1089.json index e13409dedf8..32a9049ac5d 100644 --- a/2021/1xxx/CVE-2021-1089.json +++ b/2021/1xxx/CVE-2021-1089.json @@ -1,18 +1,84 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@nvidia.com", "ID": "CVE-2021-1089", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "NVIDIA GPU Display Driver", + "version": { + "version_data": [ + { + "version_value": "All GPU Driver versions" + } + ] + } + } + ] + }, + "vendor_name": "NVIDIA" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in nvidia-smi where an uncontrolled DLL loading path may lead to arbitrary code execution, denial of service, information disclosure, and data tampering." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "code execution, denial of service, data tampering, information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211", + "refsource": "CONFIRM", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1090.json b/2021/1xxx/CVE-2021-1090.json index 1eae9a29ccc..98f9064e0bd 100644 --- a/2021/1xxx/CVE-2021-1090.json +++ b/2021/1xxx/CVE-2021-1090.json @@ -1,18 +1,84 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@nvidia.com", "ID": "CVE-2021-1090", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "NVIDIA GPU Display Driver", + "version": { + "version_data": [ + { + "version_value": "All GPU Driver versions" + } + ] + } + } + ] + }, + "vendor_name": "NVIDIA" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for control calls where the software reads or writes to a buffer by using an index or pointer that references a memory location after the end of the buffer, which may lead to data tampering or denial of service." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service, data tampering" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211", + "refsource": "CONFIRM", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1091.json b/2021/1xxx/CVE-2021-1091.json index e7c6df3009b..e77e444711f 100644 --- a/2021/1xxx/CVE-2021-1091.json +++ b/2021/1xxx/CVE-2021-1091.json @@ -1,18 +1,84 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@nvidia.com", "ID": "CVE-2021-1091", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "NVIDIA GPU Display Driver", + "version": { + "version_data": [ + { + "version_value": "All GPU Driver versions" + } + ] + } + } + ] + }, + "vendor_name": "NVIDIA" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NVIDIA GPU Display driver for Windows contains a vulnerability where an unprivileged user can create a file hard link that causes the driver to overwrite a file that requires elevated privilege to modify, which could lead to data loss or denial of service." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service, data loss" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211", + "refsource": "CONFIRM", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1092.json b/2021/1xxx/CVE-2021-1092.json index 0625bfabcdf..025905df60c 100644 --- a/2021/1xxx/CVE-2021-1092.json +++ b/2021/1xxx/CVE-2021-1092.json @@ -1,18 +1,84 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@nvidia.com", "ID": "CVE-2021-1092", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "NVIDIA GPU Display Driver", + "version": { + "version_data": [ + { + "version_value": "All GPU Driver versions" + } + ] + } + } + ] + }, + "vendor_name": "NVIDIA" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the NVIDIA Control Panel application where it is susceptible to a Windows file system symbolic link attack where an unprivileged attacker can cause the applications to overwrite privileged files, resulting in potential denial of service or data loss." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service, data tampering" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211", + "refsource": "CONFIRM", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1093.json b/2021/1xxx/CVE-2021-1093.json index 2dba33a2254..95179daacb0 100644 --- a/2021/1xxx/CVE-2021-1093.json +++ b/2021/1xxx/CVE-2021-1093.json @@ -1,18 +1,84 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@nvidia.com", "ID": "CVE-2021-1093", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "NVIDIA GPU Display Driver", + "version": { + "version_data": [ + { + "version_value": "All GPU Driver versions" + } + ] + } + } + ] + }, + "vendor_name": "NVIDIA" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 6.2, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211", + "refsource": "CONFIRM", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1094.json b/2021/1xxx/CVE-2021-1094.json index 00a0c06cd5e..0ae73b8a0c7 100644 --- a/2021/1xxx/CVE-2021-1094.json +++ b/2021/1xxx/CVE-2021-1094.json @@ -1,18 +1,84 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@nvidia.com", "ID": "CVE-2021-1094", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "NVIDIA GPU Display Driver", + "version": { + "version_data": [ + { + "version_value": "All GPU Driver versions" + } + ] + } + } + ] + }, + "vendor_name": "NVIDIA" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an out of bounds array access may lead to denial of service or information disclosure." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service, information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211", + "refsource": "CONFIRM", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1095.json b/2021/1xxx/CVE-2021-1095.json index 8a5d16b3a63..0c737327e48 100644 --- a/2021/1xxx/CVE-2021-1095.json +++ b/2021/1xxx/CVE-2021-1095.json @@ -1,18 +1,84 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@nvidia.com", "ID": "CVE-2021-1095", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "NVIDIA GPU Display Driver", + "version": { + "version_data": [ + { + "version_value": "All GPU Driver versions" + } + ] + } + } + ] + }, + "vendor_name": "NVIDIA" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handlers for all control calls with embedded parameters where dereferencing an untrusted pointer may lead to denial of service." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211", + "refsource": "CONFIRM", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/1xxx/CVE-2021-1096.json b/2021/1xxx/CVE-2021-1096.json index 87506692146..c4b0f89d5ae 100644 --- a/2021/1xxx/CVE-2021-1096.json +++ b/2021/1xxx/CVE-2021-1096.json @@ -1,18 +1,84 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@nvidia.com", "ID": "CVE-2021-1096", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "NVIDIA GPU Display Driver", + "version": { + "version_data": [ + { + "version_value": "All GPU Driver versions" + } + ] + } + } + ] + }, + "vendor_name": "NVIDIA" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NVIDIA Windows GPU Display Driver for Windows contains a vulnerability in the NVIDIA kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where dereferencing a NULL pointer may lead to a system crash." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211", + "refsource": "CONFIRM", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file