What is the severity of CVE-2016-8806?

CVE-2016-8806 is considered a high-severity vulnerability due to its potential to allow escalation of privileges.

How do I fix CVE-2016-8806?

To fix CVE-2016-8806, update the NVIDIA Windows GPU Display Driver to version 342.00 or later, or version 375.63 or later.

What products are affected by CVE-2016-8806?

CVE-2016-8806 affects NVIDIA Quadro, NVS, and GeForce products using specific versions of the NVIDIA GPU Display Driver.

What impact does CVE-2016-8806 have on systems?

CVE-2016-8806 can potentially allow an attacker to execute arbitrary code with kernel privileges, leading to system compromise.

Is there a workaround for CVE-2016-8806?

There is no official workaround for CVE-2016-8806; the best mitigation is to apply the appropriate driver updates as mentioned.

Vulnerability/
CVE-2016-8806

high

7.8

CWE

264

8/11/2016

6/8/2024

CVE-2016-8806

First published: Tue Nov 08 2016(Updated: )

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x5000027 where a pointer passed from an user to the driver is used without validation, leading to denial of service or potential escalation of privileges.

Credit: psirt@nvidia.com

Affected Software	Affected Version	How to fix
NVIDIA GPU kernel driver	>=340<342.00
NVIDIA GPU kernel driver	>=375<375.63
Microsoft Windows Operating System

Remedy

http://nvidia.custhelp.com/app/answers/detail/a_id/4247

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-8806?
CVE-2016-8806 is considered a high-severity vulnerability due to its potential to allow escalation of privileges.
How do I fix CVE-2016-8806?
To fix CVE-2016-8806, update the NVIDIA Windows GPU Display Driver to version 342.00 or later, or version 375.63 or later.
What products are affected by CVE-2016-8806?
CVE-2016-8806 affects NVIDIA Quadro, NVS, and GeForce products using specific versions of the NVIDIA GPU Display Driver.
What impact does CVE-2016-8806 have on systems?
CVE-2016-8806 can potentially allow an attacker to execute arbitrary code with kernel privileges, leading to system compromise.
Is there a workaround for CVE-2016-8806?
There is no official workaround for CVE-2016-8806; the best mitigation is to apply the appropriate driver updates as mentioned.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/author
agent/severity
agent/weakness
agent/last-modified-date
agent/remedy
agent/description
agent/event
agent/first-publish-date
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/nvidia
canonical/nvidia gpu kernel driver
version/nvidia gpu kernel driver/340
version/nvidia gpu kernel driver/375
vendor/microsoft
canonical/microsoft windows operating system

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.