CVE-2015-3625 (GCVE-0-2015-3625)

Vulnerability from cvelistv5 – Published: 2015-07-18 00:00 – Updated: 2024-08-06 05:47
VLAI?
Summary
The NVIDIA GPU driver for FreeBSD R352 before 352.09, 346 before 346.72, R349 before 349.16, R343 before 343.36, R340 before 340.76, R337 before 337.25, R334 before 334.21, R331 before 331.113, and R304 before 304.125 allows local users with certain permissions to read or write arbitrary kernel memory via unspecified vectors that trigger an untrusted pointer dereference.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard Create KEV Entry 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:47:57.939Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/3693"
          },
          {
            "name": "1032981",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032981"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-06-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The NVIDIA GPU driver for FreeBSD R352 before 352.09, 346 before 346.72, R349 before 349.16, R343 before 343.36, R340 before 340.76, R337 before 337.25, R334 before 334.21, R331 before 331.113, and R304 before 304.125 allows local users with certain permissions to read or write arbitrary kernel memory via unspecified vectors that trigger an untrusted pointer dereference."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-21T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/3693"
        },
        {
          "name": "1032981",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032981"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-3625",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The NVIDIA GPU driver for FreeBSD R352 before 352.09, 346 before 346.72, R349 before 349.16, R343 before 343.36, R340 before 340.76, R337 before 337.25, R334 before 334.21, R331 before 331.113, and R304 before 304.125 allows local users with certain permissions to read or write arbitrary kernel memory via unspecified vectors that trigger an untrusted pointer dereference."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/3693",
              "refsource": "CONFIRM",
              "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/3693"
            },
            {
              "name": "1032981",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032981"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-3625",
    "datePublished": "2015-07-18T00:00:00",
    "dateReserved": "2015-04-30T00:00:00",
    "dateUpdated": "2024-08-06T05:47:57.939Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-3625\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2015-07-18T00:59:00.093\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The NVIDIA GPU driver for FreeBSD R352 before 352.09, 346 before 346.72, R349 before 349.16, R343 before 343.36, R340 before 340.76, R337 before 337.25, R334 before 334.21, R331 before 331.113, and R304 before 304.125 allows local users with certain permissions to read or write arbitrary kernel memory via unspecified vectors that trigger an untrusted pointer dereference.\"},{\"lang\":\"es\",\"value\":\"El controlador de NVIDIA GPU para FreeBSD R352 anterior a 352.09, 346 anterior a 346.72, R349 anterior a 349.16, R343 anterior a 343.36, R340 anterior a 340.76, R337 anterior a 337.25, R334 anterior a 334.21, R331 anterior a 331.113 y R304 anterior a 304.125 permite a usuarios locales con ciertos permisos leer o escribir arbitrariamente en la memoria del Kernel mediante vectores no especificados que desencadenan un puntero no confiable y no referenciado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"304\",\"versionEndExcluding\":\"304.125\",\"matchCriteriaId\":\"32377F59-6C46-48C6-8F9C-7CB38A3D9A31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"331\",\"versionEndExcluding\":\"331.113\",\"matchCriteriaId\":\"E76145BB-0AFE-4736-AD45-044A691E07AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"334\",\"versionEndExcluding\":\"334.21\",\"matchCriteriaId\":\"C6C03A1D-C06E-46A9-9CAB-E0C81A4D8662\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"337\",\"versionEndExcluding\":\"337.25\",\"matchCriteriaId\":\"11339E4D-2C6D-4964-917E-A3708516437D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"340\",\"versionEndExcluding\":\"340.76\",\"matchCriteriaId\":\"DA9684BD-F658-47ED-BE16-0171ADA9F293\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"343\",\"versionEndExcluding\":\"343.36\",\"matchCriteriaId\":\"048ED937-4808-4032-8F27-5F935FEC29D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"346\",\"versionEndExcluding\":\"346.72\",\"matchCriteriaId\":\"1C653688-2E60-492B-8CD5-EE0E2A824C26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"349\",\"versionEndExcluding\":\"349.16\",\"matchCriteriaId\":\"B29155C3-7766-4DAD-852B-2B664C0D42B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"352\",\"versionEndExcluding\":\"352.09\",\"matchCriteriaId\":\"917E684E-7EC7-4C28-AC70-508174E5ACB0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9EC02F3-3905-460D-8949-3B26394215CA\"}]}]}],\"references\":[{\"url\":\"http://nvidia.custhelp.com/app/answers/detail/a_id/3693\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1032981\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://nvidia.custhelp.com/app/answers/detail/a_id/3693\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1032981\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.