CVE-2016-8812
Description
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Exploits
Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.
Exploit-DB
NVIDIA Driver - NvStreamKms 'PsSetCreateProcessNotifyRoutineEx Local Stack Buffer Overflow Callback / Local Privilege Escalation
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| nvidia | geforce_experience | {"endIncluding":"-"} | |
| nvidia | geforce_910m | - | |
| nvidia | geforce_920m | - | |
| nvidia | geforce_920mx | - | |
| nvidia | geforce_930m | - | |
| nvidia | geforce_930mx | - | |
| nvidia | geforce_940m | - | |
| nvidia | geforce_940mx | - | |
| nvidia | geforce_945m | - | |
| nvidia | geforce_gt_710 | - | |
| nvidia | geforce_gt_730 | - | |
| nvidia | geforce_gtx_1050 | - | |
| nvidia | geforce_gtx_1060 | - | |
| nvidia | geforce_gtx_1070 | - | |
| nvidia | geforce_gtx_1080 | - | |
| nvidia | geforce_gtx_950m | - | |
| nvidia | geforce_gtx_960m | - | |
| nvidia | geforce_gtx_965m | - | |
| nvidia | nvs_310 | - | |
| nvidia | nvs_315 | - | |
| nvidia | nvs_510 | - | |
| nvidia | nvs_810 | - | |
| nvidia | quadro_k1200 | - | |
| nvidia | quadro_k420 | - | |
| nvidia | quadro_k620 | - | |
| nvidia | quadro_m1000m | - | |
| nvidia | quadro_m2000 | - | |
| nvidia | quadro_m2000m | - | |
| nvidia | quadro_m3000m | - | |
| nvidia | quadro_m4000 | - | |
| nvidia | quadro_m4000m | - | |
| nvidia | quadro_m5000 | - | |
| nvidia | quadro_m5000m | - | |
| nvidia | quadro_m500m | - | |
| nvidia | quadro_m5500 | - | |
| nvidia | quadro_m6000 | - | |
| nvidia | quadro_m600m | - | |
| nvidia | quadro_p5000 | - | |
| nvidia | quadro_p6000 | - | |
| nvidia | titan_x | - | |
References
CWEs
CWE-119
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.