Details of VAR-202005-0002

ID

VAR-202005-0002

CVE

CVE-2012-0953

TITLE

Nvidia Race condition vulnerabilities in graphics

Trust: 0.8

sources: JVNDB: JVNDB-2012-006652

DESCRIPTION

A race condition was discovered in the Linux drivers for Nvidia graphics which allowed an attacker to exfiltrate kernel memory to userspace. This issue was fixed in version 295.53. (DoS) It may be put into a state

Trust: 1.71

sources: NVD: CVE-2012-0953 // JVNDB: JVNDB-2012-006652 // VULMON: CVE-2012-0953

AFFECTED PRODUCTS

vendor:	nvidia	model:	display driver	scope:	lt	version:	295.53	Trust: 1.0
vendor:	nvidia	model:	display driver	scope:	-	version:	-	Trust: 0.8
vendor:	nvidia	model:	display driver	scope:	eq	version:	295.49	Trust: 0.1

sources: VULMON: CVE-2012-0953 // JVNDB: JVNDB-2012-006652 // NVD: CVE-2012-0953

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-0953
value:	MEDIUM
Trust: 1.0
security@ubuntu.com:	CVE-2012-0953
value:	MEDIUM
Trust: 1.0
NVD:	JVNDB-2012-006652
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202005-338
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2012-0953
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2012-0953
severity:	MEDIUM
baseScore:	4.4
vectorString:	AV:L/AC:M/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.4
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	JVNDB-2012-006652
severity:	MEDIUM
baseScore:	4.4
vectorString:	AV:L/AC:M/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8

nvd@nist.gov:	CVE-2012-0953
baseSeverity:	MEDIUM
baseScore:	5.0
vectorString:	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	0.8
impactScore:	3.7
version:	3.1
Trust: 2.0
NVD:	JVNDB-2012-006652
baseSeverity:	MEDIUM
baseScore:	5.0
vectorString:	CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2012-0953 // JVNDB: JVNDB-2012-006652 // CNNVD: CNNVD-202005-338 // NVD: CVE-2012-0953 // NVD: CVE-2012-0953

PROBLEMTYPE DATA

problemtype:

CWE-362

Trust: 1.8

sources: JVNDB: JVNDB-2012-006652 // NVD: CVE-2012-0953

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202005-338

TYPE

competition condition problem

Trust: 0.6

sources: CNNVD: CNNVD-202005-338

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-006652

PATCH

title:	Top Page	url:	https://www.nvidia.com/ja-jp/	Trust: 0.8
title:	NVIDIA Display driver Repair measures for the competition condition problem loophole	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=122958	Trust: 0.6

sources: JVNDB: JVNDB-2012-006652 // CNNVD: CNNVD-202005-338

EXTERNAL IDS

db:	NVD	id:	CVE-2012-0953	Trust: 2.5
db:	JVNDB	id:	JVNDB-2012-006652	Trust: 0.8
db:	NSFOCUS	id:	47541	Trust: 0.6
db:	CNNVD	id:	CNNVD-202005-338	Trust: 0.6
db:	VULMON	id:	CVE-2012-0953	Trust: 0.1

sources: VULMON: CVE-2012-0953 // JVNDB: JVNDB-2012-006652 // CNNVD: CNNVD-202005-338 // NVD: CVE-2012-0953

REFERENCES

url:	https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics-drivers/+bug/979373	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0953	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0953	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/47541	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/362.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULMON: CVE-2012-0953 // JVNDB: JVNDB-2012-006652 // CNNVD: CNNVD-202005-338 // NVD: CVE-2012-0953

SOURCES

db:	VULMON	id:	CVE-2012-0953
db:	JVNDB	id:	JVNDB-2012-006652
db:	CNNVD	id:	CNNVD-202005-338
db:	NVD	id:	CVE-2012-0953

LAST UPDATE DATE

2024-08-14T15:33:34.437000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2012-0953	date:	2020-05-18T00:00:00
db:	JVNDB	id:	JVNDB-2012-006652	date:	2020-06-16T00:00:00
db:	CNNVD	id:	CNNVD-202005-338	date:	2020-08-10T00:00:00
db:	NVD	id:	CVE-2012-0953	date:	2020-05-18T19:29:15.133

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2012-0953	date:	2020-05-08T00:00:00
db:	JVNDB	id:	JVNDB-2012-006652	date:	2020-06-16T00:00:00
db:	CNNVD	id:	CNNVD-202005-338	date:	2020-05-07T00:00:00
db:	NVD	id:	CVE-2012-0953	date:	2020-05-08T01:15:10.867