Uninitialized Value in NVIDIA Windows GPU Display Driver: Denial of Service and Information Disclosure Vulnerability

Uninitialized Value in NVIDIA Windows GPU Display Driver: Denial of Service and Information Disclosure Vulnerability

CVE-2016-8820 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:N/A:C

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where a check on a function return value is missing, potentially allowing an uninitialized value to be used as the source of a strcpy() call, leading to denial of service or information disclosure.

Learn more about our Web Application Penetration Testing UK.