mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
73 lines
2.6 KiB
JSON
73 lines
2.6 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "psirt@nvidia.com",
|
|
"DATE_PUBLIC": "2019-02-22T00:00:00",
|
|
"ID": "CVE-2019-5666",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "NVIDIA GPU Graphics Driver",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "All"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "Nvidia Corporation"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) create context command DDI DxgkDdiCreateContext in which the product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array, which may lead to denial of service or escalation of privileges."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "denial of service or escalation of privileges"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4772",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4772"
|
|
},
|
|
{
|
|
"refsource": "CONFIRM",
|
|
"name": "http://support.lenovo.com/us/en/solutions/LEN-26250",
|
|
"url": "http://support.lenovo.com/us/en/solutions/LEN-26250"
|
|
},
|
|
{
|
|
"refsource": "CONFIRM",
|
|
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4797",
|
|
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4797"
|
|
}
|
|
]
|
|
}
|
|
} |