PatchSiren cyber security CVE debrief
CVE-2017-0310 Freebsd CVE debrief
CVE-2017-0310 describes an access-control weakness in the kernel mode layer handler of NVIDIA GPU Display Driver versions. According to the NVD record, an unprivileged local user can trigger a denial of service. The issue was published on 2017-02-15 and later modified on 2026-05-13 in the source record.
- Vendor
- Freebsd
- Product
- CVE-2017-0310
- CVSS
- MEDIUM 6.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2017-02-15
- Original CVE updated
- 2026-05-13
- Advisory published
- 2017-02-15
- Advisory updated
- 2026-05-13
Who should care
Administrators and security teams managing systems with NVIDIA GPU Display Driver installed, especially environments where untrusted local users have access to the machine, multi-user workstations, VDI hosts, and other shared systems.
Technical summary
The NVD record maps this issue to NVIDIA GPU Driver and lists the vulnerability as local, low-complexity, low-privilege, no-user-interaction, with changed scope and availability impact only (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H). The weakness is categorized as CWE-269 (improper privilege management). The source corpus also shows vendor advisory reference material from NVIDIA.
Defensive priority
Medium. The impact is denial of service rather than code execution, but the attack can be initiated by a low-privileged local user, so shared or user-facing systems should be reviewed promptly.
Recommended defensive actions
- Confirm whether NVIDIA GPU Display Driver is installed on exposed hosts and whether local unprivileged users have access.
- Review the NVIDIA vendor advisory referenced by NVD for affected versions and any fixed-driver guidance.
- Apply the latest vendor-recommended driver update or mitigation once validated for your platform.
- Restrict local access where practical on shared systems until remediation is completed.
- Monitor affected systems for unexpected GPU driver crashes or service interruptions.
- Track inventory to ensure devices with NVIDIA GPU hardware are covered by patch and configuration management.
Evidence notes
Primary source is the NVD CVE record, which states the vulnerability affects NVIDIA GPU Display Driver and that an unprivileged user can cause denial of service. The record includes a vendor advisory reference from NVIDIA. The CPE data in the source corpus marks nvidia:gpu_driver as vulnerable and marks FreeBSD, Linux kernel, Windows, and Solaris CPEs as not vulnerable. The provided vendor field in the input says Freebsd, but the source corpus points to NVIDIA GPU Display Driver as the affected product, so vendor attribution should be treated as inconsistent in downstream metadata.
Official resources
-
CVE-2017-0310 CVE record
CVE.org
-
CVE-2017-0310 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
Published by NVD on 2017-02-15T23:59:00.213Z and modified on 2026-05-13T00:24:29.033Z. No KEV listing is present in the supplied data.