CVE-2021-1116: 
NVIDIA Graphics Driver vulnerability analysis and mitigation

CVE-2021-1116 is a vulnerability discovered in the NVIDIA GPU Display Driver for Windows, specifically affecting the kernel mode layer (nvlddmkm.sys). The vulnerability was disclosed on October 27, 2021, and affects multiple NVIDIA driver branches including R495, R470, R460, R450, and R418 (NVIDIA Bulletin, NVD).

The vulnerability involves a NULL pointer dereference in the kernel that can be created within user mode code. It has been assigned a CVSS v3.1 base score of 5.5 (Medium) with the vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, indicating local access requirements with low attack complexity (NVIDIA Bulletin).

When exploited, this vulnerability can lead to a denial of service condition, specifically manifesting as a system crash. The impact is limited to system availability, with no direct impact on confidentiality or integrity (NVIDIA Bulletin).

NVIDIA has released security updates to address this vulnerability. For GeForce users, the fixed versions are 496.49 for R495 branch and 472.39 for R470 branch. For NVIDIA RTX/Quadro and NVS users, updates are available across multiple branches: 496.49 (R495), 472.39 (R470), 463.15 (R460), and 392.68 (R390). Tesla users should update to versions 472.50 (R470), 463.15 (R460), 453.23 (R450), or 427.60 (R418) depending on their branch (NVIDIA Bulletin).