Security Bulletin: CVE-2015-3625: Privilege Escalation via Unsanitized Pointer Dereference in NVIDIA FreeBSD Kernel Driver

Updated 09/29/2021 10:18 AM

CVE-2015-3625: Privilege Escalation via Unsanitized Pointer Dereference in NVIDIA FreeBSD Kernel Driver

Go to NVIDIA Product Security.

Vulnerability Description:

The NVIDIA GPU kernel-level driver for FreeBSD does not properly sanitize pointers from user space before dereferencing them.

Exploit Scope and Risk:

To exploit this vulnerability, an attacker must influence the value of pointers passed to the NVIDIA kernel module. This typically requires permission to access the /dev/nvidia* device nodes and the ability to run code as a local user. By crafting special pointers, the attacker has the ability to read or write arbitrary memory in kernel space, which can lead to denial of service, data leaks, data corruption, or privilege escalation and arbitrary code execution.

The CVSS Risk assessment is listed below.

CVSS Base Score - 7.2

Exploitability sub-score - 3.9

Access Vector: Local

Access Complexity: Low

Authentication: None

Impact sub-score: 10.0

Confidentiality Impact: Complete

Integrity Impact: Complete

Availability Impact: Complete

CVSS temporal sub-score: 6

Exploitability: Functional exploit exists

Remediation Level: Official fix

Report Confidence: Confirmed

CVSS Environmental Score - [determined by user]

NVIDIA's risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. We recommended consulting a local security or IT professional to evaluate the risk of your specific configuration. NVIDIA is not aware of an implementation of this exploit in the field.

Vulnerable Configurations:

The NVIDIA GPU FreeBSD kernel module (nvidia.ko) must be loaded for the vulnerability to be present. Typically, the module will be configured when the driver is installed to be automatically loaded when the system boots. NVIDIA GPU drivers for other platforms are not affected.

Vulnerability Discovery:

This vulnerability was discovered during a routine code audit internal to NVIDIA.


NVIDIA recommends that users upgrade to a fixed version of the FreeBSD driver. In addition, a patch is available that can be applied to older driver versions. The patch is equivalent to that applied to the newer driver versions. The patch file is available here: FreeBSD Driver patch file

The following build/branches have been fixed and released.


  • Change the permissions on the /dev/nvidia* device nodes to restrict access to only those users that need to run GPU-accelerated applications (e.g., OpenGL).

  • If the driver is not used, unload the nvidia.ko kernel driver.

  • Always observe the following safe computing practices:

  • Only download or execute content and programs from trusted third parties.

  • Run your system and programs with the least privilege necessary. Users should run without root privileges whenever possible.

  • When running as root, do not elevate privileges for activities or programs that don't need them.

Is this answer helpful?

Live Chat

Chat online with one of our support agents



Contact Support for assistance


Ask a Question