Vulnerability Change Records for CVE-2018-6251

Change History

Initial Analysis 5/11/2018 1:37:45 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:a:nvidia:gpu_driver:-:*:*:*:*:*:*:*
     OR
          cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Added CVSS V3

								
							
							
						
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
CWE-119
Changed Reference Type
http://nvidia.custhelp.com/app/answers/detail/a_id/4649 No Types Assigned
http://nvidia.custhelp.com/app/answers/detail/a_id/4649 Vendor Advisory
Changed Reference Type
https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0514 No Types Assigned
https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0514 Third Party Advisory

CVE Modified by NVIDIA Corporation 4/03/2018 9:29:12 PM

Action Type Old Value New Value
Changed Description
NVIDIA Windows GPU Display Driver contains a vulnerability in DirectX 10 Usermode driver, where specially crafted pixel shader can cause writing to unallocated memory leading to denial of service or potential code execution.
An exploitable heap memory corruption vulnerability exists in the NVIDIA D3D10 Driver 22.21.13.8607. A specially crafted pixel shader can cause heap memory corruption, resulting in at least denial of service, and potential code execution. An attacker can provide a specially crafted shader file (either in binary or text form) to trigger this vulnerability. This vulnerability can be triggered from a VMware guest, and the VMware host will be affected (potentially leading to VMware crash or guest-to-host escape).
Added Reference

								
							
							
						
https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0514 [No Types Assigned]