CVE-2021-1117: 
NVIDIA Graphics Driver vulnerability analysis and mitigation

CVE-2021-1117 is a vulnerability discovered in the NVIDIA GPU Display Driver for Windows, specifically in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape. The vulnerability was disclosed in October 2021 and affects multiple NVIDIA driver branches including R495, R470, R460, R450, and R418 (NVIDIA Security).

The vulnerability exists in the kernel mode layer handler for DxgkDdiEscape where improper input validation can occur when an attacker uses specific configurations. The vulnerability has been assigned a CVSS v3.1 base score of 4.7 with a vector of AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H, indicating local access required with high attack complexity (NVIDIA Security).

If successfully exploited, this vulnerability can lead to denial of service on affected systems. The attack requires local unprivileged system access and specific configurations to be exploited (NVIDIA Security).

NVIDIA has released security updates to address this vulnerability. For GeForce Windows users, version 496.49 for R495 branch and 472.39 for R470 branch are available. For NVIDIA RTX/Quadro and NVS Windows users, updates include version 496.49 (R495), 472.39 (R470), 463.15 (R460), and 392.68 (R390). For vGPU software users, updated versions are available through the NVIDIA Licensing Portal (NVIDIA Security).