Impacted products: Nvidia graphics cards running Windows. patched drivers: v385.xx and later, available at http://www.nvidia.com/download/driver.

CVE-2017-7870: A denial of service issue was identified in the nvProfiler component when it is used with the TensorRT component. A user who is able to run kernel mode code (e.g. due to elevated privileges) could potentially use this flaw to crash the system.

CVE-2017-7871: A user who has access to the “nv04”, “nv05”, “nv06”, or “nv10” devices could potentially use this flaw to crash the system.

CVE-2017-7872: A user who has access to the “nv07” or “nv08” devices could potentially use this flaw to crash the system.

CVE-2017-7873: A user who has access to the “nv09” or “nv10” devices could potentially use this flaw to crash the system.

CVE-2017-7874: A user who has access to the “nv11” or “nv17” devices could potentially use this flaw to crash the system.

CVE-2017-7875: A user who has access to the “nv12” or “nv

What to do if you are affected?

If you are running one of the impacted products, you should ensure that your system has been patched.

You can download patches from here: http://www.nvidia.com/download/driver

NVIDIA GPU Device Firmware Update Notifications

In response to this vulnerability, NVIDIA has provided a firmware update for the affected GPU devices.

Nvidia graphics cards running Windows are affected by three vulnerabilities in the Nvidia driver software. These vulnerabilities have been assigned CVE-2017-7870 through CVE-2017-7874 and CVE-2017-7875. The patches for these vulnerabilities have been released and are available from the following website:

www.nvidia.com/download/driver

Timeline

Published on: 02/07/2022 20:15:00 UTC
Last modified on: 05/09/2022 20:15:00 UTC

References