CVE-2017-6259

NameCVE-2017-6259
DescriptionNVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect detection and recovery from an invalid state produced by specific user actions may lead to denial of service.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
NVD severityhigh (attack range: remote)
Debian Bugs869783

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
nvidia-graphics-drivers (PTS)wheezy/non-free304.131-1vulnerable
jessie/non-free340.102-1vulnerable
stretch/non-free375.82-1~deb9u1fixed
buster/non-free, sid/non-free384.98-3fixed
nvidia-graphics-drivers-legacy-304xx (PTS)jessie/non-free304.135-1fixed
stretch/non-free304.135-2fixed
buster/non-free, sid/non-free304.137-3fixed
nvidia-graphics-drivers-legacy-340xx (PTS)stretch/non-free340.102-1fixed
buster/non-free, sid/non-free340.104-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
nvidia-graphics-driverssource(unstable)375.82-1high869783
nvidia-graphics-driverssourcestretch375.82-1~deb9u1high
nvidia-graphics-driverssourcewheezy(unfixed)end-of-life
nvidia-graphics-drivers-legacy-304xxsource(unstable)(not affected)
nvidia-graphics-drivers-legacy-340xxsource(unstable)(not affected)

Notes

[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <not-affected> (Limited to E384 and E375)
- nvidia-graphics-drivers-legacy-304xx <not-affected> (Limited to E384 and E375)

Search for package or bug name: Reporting problems