{"containers": {"cna": {"affected": [{"product": "Nouveau", "vendor": "Nouveau", "versions": [{"status": "affected", "version": "Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64)"}, {"status": "affected", "version": "Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload)"}]}], "datePublic": "2019-03-26T00:00:00", "descriptions": [{"lang": "en", "value": "A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload)."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "denial of service", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-04-19T18:07:24", "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "talos-cna@cisco.com", "ID": "CVE-2018-3979", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Nouveau", "version": {"version_data": [{"version_value": "Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64)"}, {"version_value": "Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload)"}]}}]}, "vendor_name": "Nouveau"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload)."}]}, "impact": {"cvss": {"baseScore": 7.4, "baseSeverity": "High", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "denial of service"}]}]}, "references": {"reference_data": [{"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647", "refsource": "CONFIRM", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T04:57:24.572Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647"}]}]}, "cveMetadata": {"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "assignerShortName": "talos", "cveId": "CVE-2018-3979", "datePublished": "2019-04-01T20:10:28", "dateReserved": "2018-01-02T00:00:00", "dateUpdated": "2024-08-05T04:57:24.572Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:geforce_gtx_745_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4B0B0969-F14F-42AD-9F69-1C4460C0CB83", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:geforce_gtx_745:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E733A3A-347E-4147-89AE-9EEC9B4DB787", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:geforce_gtx_750_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "607AAFC6-E6EC-40A0-B4B0-CCBE11B4EB6C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:geforce_gtx_750:-:*:*:*:*:*:*:*", "matchCriteriaId": "EDC42D37-5DDE-4545-A4B9-7701749C0982", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:geforce_gtx_750_ti_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F2EE2000-3576-4717-B64C-0C68F4021385", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:*:*:*:*:*:*:*", "matchCriteriaId": "7F2F1B32-CFEE-4417-843D-880302E4D6FF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:geforce_gtx_840m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F5270F3F-8395-4477-95A0-6CB616B29774", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:geforce_gtx_840m:-:*:*:*:*:*:*:*", "matchCriteriaId": "7496DD40-8A3C-4098-A377-F566FD2865BD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:geforce_gtx_845m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "80471038-63CD-4CAF-9D6B-AD9FBDFDC9FD", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:geforce_gtx_845m:-:*:*:*:*:*:*:*", "matchCriteriaId": "D3AFBA8C-3D83-4C8E-AB22-A81EB20C012D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:geforce_gtx_850m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1F05EFC5-92F0-4F0F-B757-C4ECDD1F734C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:geforce_gtx_850m:-:*:*:*:*:*:*:*", "matchCriteriaId": "3EFFC1A6-DD6B-4EA7-AB3C-3E7809C9DDD5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:geforce_gtx_860m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E8828EFE-D892-42CC-A541-B51C64289501", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:geforce_gtx_860m:-:*:*:*:*:*:*:*", "matchCriteriaId": "6F6946F0-392C-4126-B6AA-B096526C700F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:geforce_gtx_950m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "82F295A3-3467-4765-AE4E-8C2EE79BEBB6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*", "matchCriteriaId": "C29EDF54-BEA4-49B4-96E9-CDE62F38E3DF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:geforce_gtx_960m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D3C8135B-FAA2-464D-B82F-F83F1BDB68EB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*", "matchCriteriaId": "3EAB33B6-E270-4C11-8E57-2BE127C86134", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:quadro_k620_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A5FD140A-A0AB-4D2C-970D-6E203C15ED4D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E03A4C2-72EF-44FC-9F97-626C8E8A17EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:quadro_k1200_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8894ED9A-9F9C-46BA-8131-90296C9162B8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*", "matchCriteriaId": "B84A5C10-5B3E-48F1-8F66-4B9EE9C78D24", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:quadro_k2200_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "39977D40-14D6-4260-ACA8-2129614C397D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:quadro_k2200:-:*:*:*:*:*:*:*", "matchCriteriaId": "2BC6A4C2-101A-4C8B-AD0F-3423CAB372A1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:quadro_m1000m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7350569F-FA36-4BBC-BA10-4689B01FEE69", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", "matchCriteriaId": "3896B47E-8787-45D2-96B3-BF4892780F35", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:quadro_m1200m_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7B98AAC-0C1A-43E2-83DD-549D36159849", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:quadro_m1200m:-:*:*:*:*:*:*:*", "matchCriteriaId": "42C16B00-58D1-4D09-8547-D83E1351D9AE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:grid_m30_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "33F00F2D-CF5F-4B36-AC9E-09B8EF350FC6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:grid_m30:-:*:*:*:*:*:*:*", "matchCriteriaId": "E7F50616-3A42-4379-81ED-ED40639AC8AF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:grid_m40_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3113B911-40B0-4BAE-A8B5-A02383BCF754", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:grid_m40:-:*:*:*:*:*:*:*", "matchCriteriaId": "FCEF4E50-B311-4AB0-9A34-E34D854BDF0F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload)."}, {"lang": "es", "value": "Existe una vulnerabilidad de denegaci\u00f3n de servicio (DoS) remota en la manera en la que el controlador Nouveau Display (el controlador de visualizaci\u00f3n de Ubuntu Nvidia por defecto) gestiona la ejecuci\u00f3n del shader de la GPU. Un shader de p\u00edxeles especialmente manipulado puede provocar fallos de denegaci\u00f3n de servicio (DoS) remota. Un atacante puede proporcionar una imagen especialmente manipulada para desencadenar esta vulnerabilidad. Esta vulnerabilidad puede desencadenarse de manera remota despu\u00e9s de que el usuario visita un sitio web mal formado. No se requiere otra interacci\u00f3n del usuario. Las versiones vulnerables incluyen la 18.04 LTS de Ubuntu (linux 4.15.0-29-generic x86_64) y la NV117 del controlador Nouveau Display (vermagic: 4.15.0-29-generic SMP mod_unload)."}], "id": "CVE-2018-3979", "lastModified": "2023-02-09T01:38:12.100", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 4.0, "source": "talos-cna@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-04-01T21:30:43.110", "references": [{"source": "talos-cna@cisco.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0647"}], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}