CVE-2021-1091

NVIDIA GPU Display driver for Windows contains a vulnerability where an unprivileged user can create a file hard link that causes the driver to overwrite a file that requires elevated privilege to modify, which could lead to data loss or denial of service.

Published: Jul 22, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-1091
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.1
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CVSS v2:

Severity: Low
Score: 3.6
AV:L/AC:L/Au:N/C:N/I:P/A:P

CWEs:

CWE-59

Affected Software
References

Software	From	Fixed in
nvidia / gpu_display_driver	427.33	427.48
nvidia / gpu_display_driver	452.96	453.10
nvidia / gpu_display_driver	462.31	462.96

https://nvidia.custhelp.com/app/answers/detail/a_id/5211

Vulnerability Database

290,020

CVE-2021-1091