CVE-2019-5666 Information
Feb 14, 2021
cve
Description
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) create context command DDI DxgkDdiCreateContext in which the product uses untrusted input when calculating or using an array index but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array which may lead to denial of service or escalation of privileges.
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Reference
http://support.lenovo.com/us/en/solutions/LEN-26250 https://nvidia.custhelp.com/app/answers/detail/a_id/4772 https://nvidia.custhelp.com/app/answers/detail/a_id/4797
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
7.8
Share on: