CVE-2016-2557: Kernel driver escape privileged memory access

Answer ID 4060
Published 03/14/2016 08:55 AM
Updated 03/21/2016 01:14 AM
CVE-2016-2557: Kernel driver escape privileged memory access

Vulnerability Description:

The Kernel Mode Driver Escape interface layer can leak kernel memory to user space.

Exploit Scope and Risk:

This issue can lead to increased risk of malicious code access to privileged resources. The vulnerability could be exploited to cause the access of uninitialized or out of bounds memory leading to information disclosure, crashes or denial of service, and potential escalation of privilege.

The CVSS risk assessment is listed below.

CVSS Base Score - 7.2

Exploitability sub-score - 3.9

Access Vector: Local

Access Complexity: Low

Authentication: None

Impact sub-score - 10

Confidentiality Impact: Complete

Integrity Impact: Complete

Availability Impact: Complete

CVSS temporal sub-score - 6.0

Exploitability: Functional exploit exists

Remediation Level: Official fix

Report Confidence: Confirmed

NVIDIA's risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. We recommended consulting a local security or IT professional to evaluate the risk of your specific configuration.

Vulnerable Configurations:

The vulnerabilities in the Kernel Mode Driver layer exist only in NVIDIA Windows GPU drivers. These issues affect all GPU products and are not specific to any GPU-class device.

Vulnerability Discovery:

This issue was identified by NVIDIA.

Fix:

NVIDIA recommends that users upgrade to the fixed driver versions available on nvidia.com as listed in table below. Please note that all R358 and R361 branch drivers include the fix for this issue.

GeForce

OS

Branch

Supported GPUs

First version that includes the fix

Windows

R361

All

All R361 drivers

Windows

R358

All

All R358 drivers

Windows

R340

Tesla generation only GPUs listed here

341.95

Quadro, NVS

OS

Branch

Supported GPUs

First version that includes the fix

Windows

R361

All

All R361 drivers

Windows

R352

All

354.74

Windows

R340

All

341.95

Mitigations:

Always observe the following safe computing practices:

· Only download or execute content and programs from trusted third parties.

· Run your system and programs with the least privilege necessary. Users should run without root privileges whenever possible.

· When running as root, do not elevate privileges for activities or programs that don't need them.

Was this answer helpful?
Your rating has been submitted, please tell us how we can make this answer more useful.

LIVE CHAT

Chat online with one of our support agents

CHAT NOW

ASK US A QUESTION

Contact Support for assistance

CONTACT US