CVE-2017-0313 Microsoft CVE debrief

Who should care

Windows administrators, endpoint security teams, and workstation owners running NVIDIA GPU drivers should treat this as important, especially in environments where local users, remote support tooling, or untrusted software can execute with low privileges. Because the attack vector is local and the impact includes privilege escalation, multi-user systems and engineering workstations deserve priority review.

Technical summary

According to the supplied NVD record, the vulnerability is in the kernel-mode layer of NVIDIA's Windows GPU Display Driver (nvlddmkm.sys) and specifically the SubmitCommandVirtual DDI implementation. Untrusted input may be used to reference memory outside the intended buffer boundary, which can lead to out-of-bounds memory access. NVD lists the weakness as CWE-119 and the CVSS vector as AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating a local attack that can affect confidentiality, integrity, and availability. The source corpus also includes a vendor advisory reference and a public exploit reference, so defenders should assume the flaw was publicly known.

Defensive priority

High for any fleet with NVIDIA Windows GPU Display Driver installed; prioritize systems with multiple users or any meaningful local-code-execution exposure. Although the attack requires local access and low privileges, the potential outcome is full privilege escalation on the host.

Recommended defensive actions

• Inventory Windows systems with NVIDIA GPU Display Driver installed and confirm whether they are affected by the driver family referenced in NVD.
• Apply the vendor's remediation guidance from the NVIDIA advisory linked in the source corpus as soon as it is available in your change process.
• Prioritize patching for shared workstations, engineering endpoints, and any system that allows low-privilege local code execution.
• Reduce exposure to untrusted local code where possible by enforcing least privilege and tightening software installation and execution controls.
• Validate remediation by confirming the updated driver package is deployed after patching.
• Track the NVD and vendor advisory references for any clarified fixed-version information if it is not already present in your internal inventory.

Evidence notes

The supplied corpus ties the issue to NVIDIA Windows GPU Display Driver (CPE: cpe:2.3:a:nvidia:gpu_driver) and describes the vulnerable component as nvlddmkm.sys in the SubmitCommandVirtual DDI. NVD lists the weakness as CWE-119 and the CVSS v3.0 vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The source references include an NVIDIA vendor advisory and a public exploit-db entry, indicating public awareness. The CVE was published on 2017-02-15; the 2026-05-13 modified date is a metadata update, not the original issue date. The supplied corpus does not include a fixed version or complete remediation text.

Official resources