Versio.io

CVE-2018-3979

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 01-04-2019 11:30
Last modified: - 19-04-2022 08:15
Total changes: - 2

Description

A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload).

Common Vulnerability Scoring System (CVSS)

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Low
Attack complexity
Network
Attack vector
High
Availability
None
Confidentiality
None
Integrity
None
Privileges required
Unchanged
Scope
Required
User interaction
6.5
Base score
2.8
3.6
Exploitability score
Impact score
 

Verification logic

OR
OR
vendor=canonical AND product=ubuntu_linux AND version=18.04 AND software_edition=lts
AND
OR
vendor=nvidia AND product=geforce_gtx_745_firmware AND version=-
OR
vendor=nvidia AND product=geforce_gtx_745 AND version=-
AND
OR
vendor=nvidia AND product=geforce_gtx_750_firmware AND version=-
OR
vendor=nvidia AND product=geforce_gtx_750 AND version=-
AND
OR
vendor=nvidia AND product=geforce_gtx_750_ti_firmware AND version=-
OR
vendor=nvidia AND product=geforce_gtx_750_ti AND version=-
AND
OR
vendor=nvidia AND product=geforce_gtx_840m_firmware AND version=-
OR
vendor=nvidia AND product=geforce_gtx_840m AND version=-
AND
OR
vendor=nvidia AND product=geforce_gtx_845m_firmware AND version=-
OR
vendor=nvidia AND product=geforce_gtx_845m AND version=-
AND
OR
vendor=nvidia AND product=geforce_gtx_850m_firmware AND version=-
OR
vendor=nvidia AND product=geforce_gtx_850m AND version=-
AND
OR
vendor=nvidia AND product=geforce_gtx_860m_firmware AND version=-
OR
vendor=nvidia AND product=geforce_gtx_860m AND version=-
AND
OR
vendor=nvidia AND product=geforce_gtx_950m_firmware AND version=-
OR
vendor=nvidia AND product=geforce_gtx_950m AND version=-
AND
OR
vendor=nvidia AND product=geforce_gtx_960m_firmware AND version=-
OR
vendor=nvidia AND product=geforce_gtx_960m AND version=-
AND
OR
vendor=nvidia AND product=quadro_k620_firmware AND version=-
OR
vendor=nvidia AND product=quadro_k620 AND version=-
AND
OR
vendor=nvidia AND product=quadro_k1200_firmware AND version=-
OR
vendor=nvidia AND product=quadro_k1200 AND version=-
AND
OR
vendor=nvidia AND product=quadro_k2200_firmware AND version=-
OR
vendor=nvidia AND product=quadro_k2200 AND version=-
AND
OR
vendor=nvidia AND product=quadro_m1000m_firmware AND version=-
OR
vendor=nvidia AND product=quadro_m1000m AND version=-
AND
OR
vendor=nvidia AND product=quadro_m1200m_firmware AND version=-
OR
vendor=nvidia AND product=quadro_m1200m AND version=-
AND
OR
vendor=nvidia AND product=grid_m30_firmware AND version=-
OR
vendor=nvidia AND product=grid_m30 AND version=-
AND
OR
vendor=nvidia AND product=grid_m40_firmware AND version=-
OR
vendor=nvidia AND product=grid_m40 AND version=-
 

Reference

 


Keywords

NVD

 

CVE-2018-3979

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.