PatchSiren cyber security CVE debrief
CVE-2017-0315 Microsoft CVE debrief
CVE-2017-0315 affects NVIDIA Windows GPU Display Driver components in kernel mode. The issue is in the nvlddmkm.sys handler for DxgkDdiEscape, where an attempt to access an invalid object pointer may trigger a crash or potentially allow escalation of privileges. NVD rates the issue 7.8 High with a local, low-privilege attack path and no user interaction.
- Vendor
- Microsoft
- Product
- CVE-2017-0315
- CVSS
- HIGH 7.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2017-02-15
- Original CVE updated
- 2026-05-13
- Advisory published
- 2017-02-15
- Advisory updated
- 2026-05-13
Who should care
Windows workstation, VDI, and endpoint teams that manage systems with NVIDIA GPU drivers; security teams responsible for local privilege-escalation risk; and administrators who rely on GPU-accelerated desktops or graphics workloads.
Technical summary
The CVE description and NVD record identify a kernel-mode flaw in NVIDIA's Windows GPU Display Driver, specifically in nvlddmkm.sys during DxgkDdiEscape handling. The weakness is categorized as CWE-476 (invalid/null pointer dereference). NVD’s CVSS v3.0 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) indicates a local attack requiring low privileges, with potential impact to confidentiality, integrity, and availability. The published description states the bug may lead to denial of service or potential privilege escalation.
Defensive priority
High for any Windows system with NVIDIA GPU drivers, especially shared workstations and managed endpoints where local user compromise could be leveraged for privilege escalation.
Recommended defensive actions
- Inventory Windows systems running NVIDIA GPU drivers and confirm whether they are affected by the vendor advisory referenced in the CVE record.
- Prioritize driver updates or vendor-recommended mitigations from NVIDIA PSIRT for exposed endpoints and workstations.
- Treat the issue as a local privilege-escalation risk, not just a stability problem, because the record describes potential escalation of privileges and high CIA impact.
- Monitor for unexpected crashes or driver failures involving nvlddmkm.sys on affected hosts and include the CVE in vulnerability management and remediation tracking.
Evidence notes
The source corpus describes a vulnerability in NVIDIA Windows GPU Display Driver kernel-mode code (nvlddmkm.sys) and links to NVIDIA PSIRT advisory 4398. The CVE was published on 2017-02-15 and NVD later modified the record on 2026-05-13. NVD classifies the weakness as CWE-476 and assigns CVSS v3.0 7.8 High with a local, low-privilege attack vector.
Official resources
-
CVE-2017-0315 CVE record
CVE.org
-
CVE-2017-0315 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
Public CVE published on 2017-02-15. This debrief uses the CVE/NVD record and the linked NVIDIA advisory only; no exploit details or unsupported remediation claims are included.