CVE-2015-1170
First published: Fri Mar 06 2015(Updated: )
The NVIDIA Display Driver R304 before 309.08, R340 before 341.44, R343 before 345.20, and R346 before 347.52 does not properly validate local client impersonation levels when performing a "kernel administrator check," which allows local users to gain administrator privileges via unspecified API calls.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nvidia Gpu Driver R304 | <=309.07 | |
| Nvidia Gpu Driver R340 | <=341.43 | |
| Nvidia Gpu Driver R343 | <=345.19 | |
| Nvidia Gpu Driver R346 | <=347.51 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://marc.info/?l=bugtraq&m=142781493222653&w=2
- http://marc.info/?l=bugtraq&m=143013598825091&w=2
- http://nvidia.custhelp.com/app/answers/detail/a_id/3634
- http://www.securitytracker.com/id/1032013
- https://support.lenovo.com/product_security/nvidia_windows_privilege
- https://support.lenovo.com/us/en/product_security/nvidia_windows_privilege
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/tags
- agent/type
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/nvidia
- canonical/nvidia gpu driver r304
- version/nvidia gpu driver r304/309.07
- canonical/nvidia gpu driver r340
- version/nvidia gpu driver r340/341.43
- canonical/nvidia gpu driver r343
- version/nvidia gpu driver r343/345.19
- canonical/nvidia gpu driver r346
- version/nvidia gpu driver r346/347.51