CVE-2017-0318

Published: 15 February 2017

All versions of NVIDIA Linux GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper validation of an input parameter may cause a denial of service on the system.

Priority

Cvss 3 Severity Score

5.5

Score breakdown

Status

Package	Release	Status
nvidia-graphics-drivers Launchpad, Ubuntu, Debian	precise	Not vulnerable (superseded)
	trusty	Does not exist
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist
nvidia-graphics-drivers-173 Launchpad, Ubuntu, Debian	precise	Ignored (end of life)
	trusty	Does not exist (trusty was ignored [no update available])
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist
nvidia-graphics-drivers-173-updates Launchpad, Ubuntu, Debian	precise	Ignored (end of life)
	trusty	Does not exist
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist
nvidia-graphics-drivers-304 Launchpad, Ubuntu, Debian	precise	Released (304.135-0ubuntu0.12.04.1)
	trusty	Released (304.135-0ubuntu0.14.04.1)
	upstream	Needs triage
	xenial	Released (304.135-0ubuntu0.16.04.1)
	yakkety	Released (304.135-0ubuntu0.16.10.1)
nvidia-graphics-drivers-304-updates Launchpad, Ubuntu, Debian	precise	Not vulnerable (superseded)
	trusty	Does not exist (trusty was not-affected [superseded])
	upstream	Needs triage
	xenial	Not vulnerable (superseded)
	yakkety	Not vulnerable (superseded)
nvidia-graphics-drivers-310-updates Launchpad, Ubuntu, Debian	precise	Does not exist
	trusty	Does not exist (trusty was not-affected [superseded])
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist
nvidia-graphics-drivers-319 Launchpad, Ubuntu, Debian	precise	Not vulnerable (superseded)
	trusty	Does not exist (trusty was not-affected [superseded])
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist
nvidia-graphics-drivers-319-updates Launchpad, Ubuntu, Debian	precise	Not vulnerable (superseded)
	trusty	Does not exist (trusty was not-affected [superseded])
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist
nvidia-graphics-drivers-331 Launchpad, Ubuntu, Debian	precise	Not vulnerable (superseded)
	trusty	Does not exist (trusty was not-affected [superseded])
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist
nvidia-graphics-drivers-331-updates Launchpad, Ubuntu, Debian	precise	Not vulnerable (superseded)
	trusty	Does not exist (trusty was not-affected [superseded])
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist
nvidia-graphics-drivers-340 Launchpad, Ubuntu, Debian	precise	Released (340.102-0ubuntu0.12.04.1)
	trusty	Released (340.102-0ubuntu0.14.04.1)
	upstream	Needs triage
	xenial	Released (340.102-0ubuntu0.16.04.1)
	yakkety	Released (340.102-0ubuntu0.16.10.1)
nvidia-graphics-drivers-340-updates Launchpad, Ubuntu, Debian	precise	Not vulnerable (superseded)
	trusty	Does not exist (trusty was not-affected [superseded])
	upstream	Needs triage
	xenial	Not vulnerable (superseded)
	yakkety	Not vulnerable (superseded)
nvidia-graphics-drivers-346 Launchpad, Ubuntu, Debian	precise	Does not exist
	trusty	Does not exist (trusty was not-affected [superseded])
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist
nvidia-graphics-drivers-346-updates Launchpad, Ubuntu, Debian	precise	Does not exist
	trusty	Does not exist (trusty was not-affected [superseded])
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist
nvidia-graphics-drivers-352 Launchpad, Ubuntu, Debian	precise	Does not exist
	trusty	Does not exist (trusty was not-affected [superseded])
	upstream	Needs triage
	xenial	Not vulnerable (superseded)
	yakkety	Not vulnerable (superseded)
nvidia-graphics-drivers-352-updates Launchpad, Ubuntu, Debian	precise	Does not exist
	trusty	Does not exist (trusty was not-affected [superseded])
	upstream	Needs triage
	xenial	Not vulnerable (superseded)
	yakkety	Not vulnerable (superseded)
nvidia-graphics-drivers-361 Launchpad, Ubuntu, Debian	precise	Does not exist
	trusty	Does not exist
	upstream	Needs triage
	xenial	Not vulnerable (superseded)
	yakkety	Not vulnerable (superseded)
nvidia-graphics-drivers-367 Launchpad, Ubuntu, Debian	precise	Does not exist
	trusty	Does not exist (trusty was not-affected [superseded])
	upstream	Needs triage
	xenial	Not vulnerable (superseded)
	yakkety	Not vulnerable (superseded)
nvidia-graphics-drivers-375 Launchpad, Ubuntu, Debian	precise	Does not exist
	trusty	Released (375.39-0ubuntu0.14.04.1)
	upstream	Needs triage
	xenial	Released (375.39-0ubuntu0.16.04.1)
	yakkety	Released (375.39-0ubuntu0.16.10.1)
nvidia-graphics-drivers-96 Launchpad, Ubuntu, Debian	precise	Ignored (end of life)
	trusty	Does not exist
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist
nvidia-graphics-drivers-96-updates Launchpad, Ubuntu, Debian	precise	Ignored (end of life)
	trusty	Does not exist
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist
nvidia-graphics-drivers-experimental-304 Launchpad, Ubuntu, Debian	precise	Not vulnerable (superseded)
	trusty	Does not exist
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist
nvidia-graphics-drivers-experimental-310 Launchpad, Ubuntu, Debian	precise	Not vulnerable (superseded)
	trusty	Does not exist
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist
nvidia-graphics-drivers-tegra Launchpad, Ubuntu, Debian	precise	Not vulnerable
	trusty	Does not exist
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist
nvidia-graphics-drivers-updates Launchpad, Ubuntu, Debian	precise	Not vulnerable (superseded)
	trusty	Does not exist
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist

Severity score breakdown

Parameter	Value
Base score	5.5
Attack vector	Local
Attack complexity	Low
Privileges required	Low
User interaction	None
Scope	Unchanged
Confidentiality	None
Integrity impact	None
Availability impact	High
Vector	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›