Login Sign Up

CVE-2021-1091

7.1 HIGH

📋 TL;DR

This vulnerability in NVIDIA GPU Display drivers for Windows allows unprivileged users to create hard links that trick the driver into overwriting protected system files. This could lead to denial of service or data corruption. Only Windows systems with vulnerable NVIDIA GPU drivers are affected.

💻 Affected Systems

Products:
  • NVIDIA GPU Display Driver
Versions: Windows driver versions prior to 466.47
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Windows NVIDIA GPU drivers. Linux and other OS versions are not affected.

📦 What is this software?

Gpu Display Driver by Nvidia

View all CVEs affecting Gpu Display Driver →

Gpu Display Driver by Nvidia

View all CVEs affecting Gpu Display Driver →

Gpu Display Driver by Nvidia

View all CVEs affecting Gpu Display Driver →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Critical system files could be overwritten, causing system instability, data loss, or complete system failure requiring reinstallation.

🟠

Likely Case

Local denial of service through file corruption or system instability, potentially requiring system restoration.

🟢

If Mitigated

Minimal impact with proper user privilege separation and file system permissions in place.

🌐 Internet-Facing: LOW - This is a local privilege escalation vulnerability requiring local access.
🏢 Internal Only: MEDIUM - Malicious insiders or compromised user accounts could exploit this to disrupt systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local user access and knowledge of file system manipulation techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 466.47 or later

Vendor Advisory: https://nvidia.custhelp.com/app/answers/detail/a_id/5211

Restart Required: Yes

Instructions:

1. Download latest NVIDIA driver from official website. 2. Run installer with administrative privileges. 3. Select 'Custom installation' and choose 'Perform clean installation'. 4. Complete installation and restart system.

🔧 Temporary Workarounds

Restrict user file creation permissions

windows

Limit user permissions to create hard links in sensitive directories

Use Windows Group Policy to restrict file system permissions

🧯 If You Can't Patch

  • Implement strict user privilege separation and least privilege principles
  • Monitor for unusual file system activity and hard link creation attempts

🔍 How to Verify

Check if Vulnerable:

Check NVIDIA driver version in Device Manager > Display adapters > NVIDIA GPU > Driver tab

Check Version:

Open NVIDIA Control Panel > System Information > Driver Version

Verify Fix Applied:

Verify driver version is 466.47 or higher after update

📡 Detection & Monitoring

Log Indicators:

  • Windows Security logs showing file permission changes
  • Application logs showing driver errors

Network Indicators:

  • None - this is a local vulnerability

SIEM Query:

EventID=4656 OR EventID=4663 with TargetObject containing sensitive system paths

📊 Metadata

CVE ID: CVE-2021-1091
CVSS v3 Score: 7.1 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
CWE: CWE-59
Published: July 22, 2021
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-1091, you might also want to check these:

CVE-2024-37143 10.0

This CVE describes an Improper Link Resolution Before File Access vulnerability in multiple Dell Pow...

Same vulnerability type (CWE-59)
CVE-2024-28185 10.0

CVE-2024-28185 is a critical symlink vulnerability in Judge0 that allows attackers to write arbitrar...

Same vulnerability type (CWE-59)
CVE-2024-48862 9.8

CVE-2024-48862 is a path traversal vulnerability in QNAP's QuLog Center that allows remote attackers...

Same vulnerability type (CWE-59)