Vulnerabilites related to nvidia - rtx
cve-2022-34675
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 09:15
Severity ?
EPSS score ?
Summary
NVIDIA Display Driver for Linux contains a vulnerability in the Virtual GPU Manager, where it does not check the return value from a null-pointer dereference, which may lead to denial of service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (Virtual GPU Manager) |
Version: All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:15:15.825Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "[debian-lts-announce] 20230511 [SECURITY] [DLA 3418-1] nvidia-graphics-drivers-legacy-390xx security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (Virtual GPU Manager)", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA Display Driver for Linux contains a vulnerability in the Virtual GPU Manager, where it does not check the return value from a null-pointer dereference, which may lead to denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-11T00:00:00", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "[debian-lts-announce] 20230511 [SECURITY] [DLA 3418-1] nvidia-graphics-drivers-legacy-390xx security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-34675", datePublished: "2022-12-30T00:00:00", dateReserved: "2022-06-27T00:00:00", dateUpdated: "2024-08-03T09:15:15.825Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-34680
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 09:15
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an integer truncation can lead to an out-of-bounds read, which may lead to denial of service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager) |
Version: All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:15:16.076Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "[debian-lts-announce] 20230511 [SECURITY] [DLA 3418-1] nvidia-graphics-drivers-legacy-390xx security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an integer truncation can lead to an out-of-bounds read, which may lead to denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-197", description: "CWE-197", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:06:55.546760", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "[debian-lts-announce] 20230511 [SECURITY] [DLA 3418-1] nvidia-graphics-drivers-legacy-390xx security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-34680", datePublished: "2022-12-30T00:00:00", dateReserved: "2022-06-27T00:00:00", dateUpdated: "2024-08-03T09:15:16.076Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42254
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 13:03
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, data tampering, or information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | ||
| https://security.gentoo.org/glsa/202310-02 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager) |
Version: All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:03:45.926Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, data tampering, or information disclosure.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:07:16.348616", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-42254", datePublished: "2022-12-30T00:00:00", dateReserved: "2022-10-03T00:00:00", dateUpdated: "2024-08-03T13:03:45.926Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42262
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 13:03
Severity ?
EPSS score ?
Summary
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (Virtual GPU Manager) |
Version: All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:03:45.722Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (Virtual GPU Manager)", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-30T00:00:00", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-42262", datePublished: "2022-12-30T00:00:00", dateReserved: "2022-10-03T00:00:00", dateUpdated: "2024-08-03T13:03:45.722Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42258
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 13:03
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service, data tampering, or information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager) |
Version: All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:03:45.929Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "[debian-lts-announce] 20230511 [SECURITY] [DLA 3418-1] nvidia-graphics-drivers-legacy-390xx security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service, data tampering, or information disclosure.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:06:35.843334", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "[debian-lts-announce] 20230511 [SECURITY] [DLA 3418-1] nvidia-graphics-drivers-legacy-390xx security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-42258", datePublished: "2022-12-30T00:00:00", dateReserved: "2022-10-03T00:00:00", dateUpdated: "2024-08-03T13:03:45.929Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-21815
Vulnerability from cvelistv5
Published
2022-02-07 20:00
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5312 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU Display Driver |
Version: All GPU Driver versions for Windows |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:53:36.246Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5312", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA GPU Display Driver", vendor: "NVIDIA", versions: [ { status: "affected", version: "All GPU Driver versions for Windows", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476: NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-09T19:35:14", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5312", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2022-21815", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA GPU Display Driver", version: { version_data: [ { version_value: "All GPU Driver versions for Windows", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash.", }, ], }, impact: { cvss: { baseScore: 5.5, baseSeverity: "Medium", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-476: NULL Pointer Dereference", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5312", refsource: "MISC", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5312", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-21815", datePublished: "2022-02-07T20:00:17", dateReserved: "2021-12-10T00:00:00", dateUpdated: "2024-08-03T02:53:36.246Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42261
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 13:03
Severity ?
EPSS score ?
Summary
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | ||
| https://security.gentoo.org/glsa/202310-02 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (Virtual GPU Manager) |
Version: All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:03:45.941Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (Virtual GPU Manager)", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:06:28.318920", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-42261", datePublished: "2022-12-30T00:00:00", dateReserved: "2022-10-03T00:00:00", dateUpdated: "2024-08-03T13:03:45.941Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42259
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 13:03
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager) |
Version: All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:03:45.786Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "[debian-lts-announce] 20230511 [SECURITY] [DLA 3418-1] nvidia-graphics-drivers-legacy-390xx security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:06:23.696887", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "[debian-lts-announce] 20230511 [SECURITY] [DLA 3418-1] nvidia-graphics-drivers-legacy-390xx security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-42259", datePublished: "2022-12-30T00:00:00", dateReserved: "2022-10-03T00:00:00", dateUpdated: "2024-08-03T13:03:45.786Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-34671
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2025-02-13 16:32
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the user-mode layer, where an unprivileged user can cause an out-of-bounds write, which may lead to code execution, information disclosure, and denial of service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU Display Driver for Windows |
Version: All versions prior to and including 15.2, 13.7, and 11.12, and all versions prior to and including the May 2023 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:15:15.702Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5468", }, { tags: [ "x_transferred", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1720", }, { tags: [ "x_transferred", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1721", }, { tags: [ "x_transferred", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1719", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "NVIDIA GPU Display Driver for Windows", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 15.2, 13.7, and 11.12, and all versions prior to and including the May 2023 release", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>\n\n<span style=\"background-color: rgb(255, 255, 255);\">NVIDIA GPU Display Driver for Windows contains a vulnerability in the user-mode layer, where an unprivileged user can cause an out-of-bounds write, which may lead to code execution, information disclosure, and denial of service.</span>\n\n</p>", }, ], value: "NVIDIA GPU Display Driver for Windows contains a vulnerability in the user-mode layer, where an unprivileged user can cause an out-of-bounds write, which may lead to code execution, information disclosure, and denial of service.", }, ], impacts: [ { descriptions: [ { lang: "en", value: "Code execution, information disclosure, and denial of service", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-21T22:06:10.259Z", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5468", }, { url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1720", }, { url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1721", }, { url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1719", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-34671", datePublished: "2022-12-30T00:00:00.000Z", dateReserved: "2022-06-27T00:00:00.000Z", dateUpdated: "2025-02-13T16:32:47.042Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-21813
Vulnerability from cvelistv5
Published
2022-02-07 00:00
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5312 | ||
| https://security.gentoo.org/glsa/202310-02 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU Display Driver |
Version: All GPU Driver versions for Linux |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:53:36.217Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5312", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA GPU Display Driver", vendor: "NVIDIA", versions: [ { status: "affected", version: "All GPU Driver versions for Linux", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284 Improper Access Control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:06:43.478146", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5312", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-21813", datePublished: "2022-02-07T00:00:00", dateReserved: "2021-12-10T00:00:00", dateUpdated: "2024-08-03T02:53:36.217Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-21814
Vulnerability from cvelistv5
Published
2022-02-07 00:00
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5312 | ||
| https://security.gentoo.org/glsa/202310-02 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU Display Driver |
Version: All GPU Drivers for Linux |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:53:36.204Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5312", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA GPU Display Driver", vendor: "NVIDIA", versions: [ { status: "affected", version: "All GPU Drivers for Linux", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-280", description: "CWE-280 Improper Handling of Insufficient Permissions or Privileges", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:07:25.441310", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5312", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-21814", datePublished: "2022-02-07T00:00:00", dateReserved: "2021-12-10T00:00:00", dateUpdated: "2024-08-03T02:53:36.204Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-34684
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 09:15
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an off-by-one error may lead to data tampering or information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | ||
| https://security.gentoo.org/glsa/202310-02 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager) |
Version: All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:15:15.827Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an off-by-one error may lead to data tampering or information disclosure.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:06:34.360517", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-34684", datePublished: "2022-12-30T00:00:00", dateReserved: "2022-06-27T00:00:00", dateUpdated: "2024-08-03T09:15:15.827Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-25515
Vulnerability from cvelistv5
Published
2023-06-23 17:07
Modified
2024-11-29 14:34
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code execution, denial of service, escalation of privileges, data tampering, or information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | GPU Display Driver for Windows and Linux |
Version: All versions prior to and including 15.2, 13.7, and 11.12, and all versions prior to and including the May 2023 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T11:25:18.635Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5468", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:windows:*:*", ], defaultStatus: "unaffected", product: "gpu_display_driver", vendor: "nvidia", versions: [ { lessThanOrEqual: "15.2", status: "affected", version: "0", versionType: "custom", }, { status: "affected", version: "13.7", }, { status: "affected", version: "11.12", }, { lessThanOrEqual: "may2023", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:linux:*:*", ], defaultStatus: "unaffected", product: "gpu_display_driver", vendor: "nvidia", versions: [ { lessThanOrEqual: "15.2", status: "affected", version: "0", versionType: "custom", }, { status: "affected", version: "13.7", }, { status: "affected", version: "11.2", }, { lessThanOrEqual: "may2023", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-25515", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-29T14:31:46.762145Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-29T14:34:40.209Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "GPU Display Driver for Windows and Linux", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 15.2, 13.7, and 11.12, and all versions prior to and including the May 2023 release", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code execution, denial of service, escalation of privileges, data tampering, or information disclosure.</span>\n\n </span>\n\n", }, ], value: "\n\n\nNVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code execution, denial of service, escalation of privileges, data tampering, or information disclosure.\n\n \n\n", }, ], impacts: [ { descriptions: [ { lang: "en", value: "Code execution, denial of service, escalation of privileges, data tampering, or information disclosure", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-822", description: "CWE-822", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-07-03T23:26:15.468Z", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5468", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2023-25515", datePublished: "2023-06-23T17:07:50.994Z", dateReserved: "2023-02-07T02:57:17.083Z", dateUpdated: "2024-11-29T14:34:40.209Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42260
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 13:03
Severity ?
EPSS score ?
Summary
NVIDIA vGPU Display Driver for Linux guest contains a vulnerability in a D-Bus configuration file, where an unauthorized user in the guest VM can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | ||
| https://security.gentoo.org/glsa/202310-02 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | vGPU software (guest driver) - Linux, NVIDIA Cloud Gaming (guest driver) |
Version: All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:03:45.896Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "vGPU software (guest driver) - Linux, NVIDIA Cloud Gaming (guest driver)", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA vGPU Display Driver for Linux guest contains a vulnerability in a D-Bus configuration file, where an unauthorized user in the guest VM can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-281", description: "CWE-281", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:07:11.877357", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-42260", datePublished: "2022-12-30T00:00:00", dateReserved: "2022-10-03T00:00:00", dateUpdated: "2024-08-03T13:03:45.896Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-0089
Vulnerability from cvelistv5
Published
2024-06-13 21:23
Modified
2024-08-01 17:41
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a previous client or another process could be disclosed. A successful exploit of this vulnerability might lead to code execution, information disclosure, or data tampering.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| nvidia | GPU display driver, vGPU software, and Cloud Gaming |
Version: All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:nvidia:geforce:555.99:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "geforce", vendor: "nvidia", versions: [ { lessThan: "555.99", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:nvidia:studio:555.99:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "studio", vendor: "nvidia", versions: [ { lessThan: "555.99", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:nvidia:quadro_firmware:555.99:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "quadro_firmware", vendor: "nvidia", versions: [ { lessThan: "555.99", status: "affected", version: "0", versionType: "custom", }, { lessThan: "552.55", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:nvidia:nvs_firmware:555.99:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nvs_firmware", vendor: "nvidia", versions: [ { lessThan: "555.99", status: "affected", version: "0", versionType: "custom", }, { lessThan: "552.55", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:nvidia:rtx:555.99:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "rtx", vendor: "nvidia", versions: [ { lessThan: "555.99", status: "affected", version: "0", versionType: "custom", }, { lessThan: "552.55", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:nvidia:tesla:552.55:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "tesla", vendor: "nvidia", versions: [ { lessThan: "552.55", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-0089", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-06-15T03:55:35.510137Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-17T12:53:30.805Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T17:41:15.971Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "GPU display driver, vGPU software, and Cloud Gaming", vendor: "nvidia", versions: [ { status: "affected", version: "All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: true, type: "text/html", value: "NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a previous client or another process could be disclosed. A successful exploit of this vulnerability might lead to code execution, information disclosure, or data tampering.", }, ], value: "NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a previous client or another process could be disclosed. A successful exploit of this vulnerability might lead to code execution, information disclosure, or data tampering.", }, ], impacts: [ { descriptions: [ { lang: "en", value: "Code execution, information disclosure, data tampering", }, ], }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-665", description: "CWE-665", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-13T21:23:29.198Z", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", }, ], source: { discovery: "UNKNOWN", }, title: "CVE", }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2024-0089", datePublished: "2024-06-13T21:23:29.198Z", dateReserved: "2023-12-02T00:41:59.121Z", dateUpdated: "2024-08-01T17:41:15.971Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-34670
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 09:15
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in the conversion, which may lead to denial of service or information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager) |
Version: All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:15:15.748Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "[debian-lts-announce] 20230511 [SECURITY] [DLA 3418-1] nvidia-graphics-drivers-legacy-390xx security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in the conversion, which may lead to denial of service or information disclosure.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-197", description: "CWE-197", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:06:40.427321", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "[debian-lts-announce] 20230511 [SECURITY] [DLA 3418-1] nvidia-graphics-drivers-legacy-390xx security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-34670", datePublished: "2022-12-30T00:00:00", dateReserved: "2022-06-27T00:00:00", dateUpdated: "2024-08-03T09:15:15.748Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-31607
Vulnerability from cvelistv5
Published
2022-11-18 00:00
Modified
2024-08-03 07:26
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | ||
| https://security.gentoo.org/glsa/202310-02 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager) |
Version: All versions prior to the August 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:26:00.703Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5383", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to the August 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:06:17.608507", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5383", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-31607", datePublished: "2022-11-18T00:00:00", dateReserved: "2022-05-24T00:00:00", dateUpdated: "2024-08-03T07:26:00.703Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-34673
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 09:15
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | ||
| https://security.gentoo.org/glsa/202310-02 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU Display Driver for Linux |
Version: All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:15:15.694Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA GPU Display Driver for Linux", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:06:59.928181", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-34673", datePublished: "2022-12-30T00:00:00", dateReserved: "2022-06-27T00:00:00", dateUpdated: "2024-08-03T09:15:15.694Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-34674
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 09:15
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical pages than were requested, which may lead to undefined behavior or an information leak.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager) |
Version: All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:15:15.865Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "[debian-lts-announce] 20230511 [SECURITY] [DLA 3418-1] nvidia-graphics-drivers-legacy-390xx security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical pages than were requested, which may lead to undefined behavior or an information leak.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:07:06.046625", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "[debian-lts-announce] 20230511 [SECURITY] [DLA 3418-1] nvidia-graphics-drivers-legacy-390xx security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-34674", datePublished: "2022-12-30T00:00:00", dateReserved: "2022-06-27T00:00:00", dateUpdated: "2024-08-03T09:15:15.865Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-0107
Vulnerability from cvelistv5
Published
2024-08-08 16:57
Modified
2024-08-08 18:36
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | GPU Display Driver, vGPU Software, Cloud Gaming |
Version: All versions up to and including the June 2024 release |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-0107", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-08T18:35:37.897108Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-08T18:36:36.982Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", platforms: [ "Windows", ], product: "GPU Display Driver, vGPU Software, Cloud Gaming", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions up to and including the June 2024 release", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.</span>", }, ], value: "NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.", }, ], impacts: [ { descriptions: [ { lang: "en", value: "Code execution, denial of service, escalation of privileges, information disclosure, data tampering", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-08T16:57:49.154Z", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5557", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2024-0107", datePublished: "2024-08-08T16:57:49.154Z", dateReserved: "2023-12-02T00:42:17.123Z", dateUpdated: "2024-08-08T18:36:36.982Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-0199
Vulnerability from cvelistv5
Published
2023-04-22 02:19
Modified
2025-02-13 16:38
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds write can lead to denial of service and data tampering.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU Display Driver |
Version: All versions prior to and including 15.1, 13.6, 11.11, and all versions prior to and including February 2023 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T05:02:43.819Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5452", }, { tags: [ "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-0199", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-04T19:17:34.284411Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-04T19:18:03.699Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "NVIDIA GPU Display Driver", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 15.1, 13.6, 11.11, and all versions prior to and including February 2023 release", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: true, type: "text/html", value: "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds write can lead to denial of service and data tampering.", }, ], value: "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds write can lead to denial of service and data tampering.", }, ], impacts: [ { descriptions: [ { lang: "en", value: "Data Tampering, Denial of Service", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:07:06.541Z", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5452", }, { url: "https://security.gentoo.org/glsa/202310-02", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2023-0199", datePublished: "2023-04-22T02:19:48.182Z", dateReserved: "2023-01-11T05:48:51.162Z", dateUpdated: "2025-02-13T16:38:51.743Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-0091
Vulnerability from cvelistv5
Published
2024-06-13 21:23
Modified
2024-08-01 17:41
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| nvidia | GPU display driver, vGPU software, and Cloud Gaming |
Version: All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:nvidia:geforce:555.99:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "geforce", vendor: "nvidia", versions: [ { lessThan: "555.99", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:nvidia:studio:555.99:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "studio", vendor: "nvidia", versions: [ { lessThan: "555.99", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:nvidia:quadro_firmware:555.99:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "quadro_firmware", vendor: "nvidia", versions: [ { lessThan: "555.99", status: "affected", version: "0", versionType: "custom", }, { lessThan: "552.55", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:nvidia:nvs_firmware:555.99:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "nvs_firmware", vendor: "nvidia", versions: [ { lessThan: "555.99", status: "affected", version: "0", versionType: "custom", }, { lessThan: "552.55", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:nvidia:rtx:555.99:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "rtx", vendor: "nvidia", versions: [ { lessThan: "555.99", status: "affected", version: "0", versionType: "custom", }, { lessThan: "552.55", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:nvidia:tesla:552.55:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "tesla", vendor: "nvidia", versions: [ { lessThan: "552.55", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-0091", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-06-14T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-15T03:55:35.767Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T17:41:15.985Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "GPU display driver, vGPU software, and Cloud Gaming", vendor: "nvidia", versions: [ { status: "affected", version: "All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: true, type: "text/html", value: "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering.", }, ], value: "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering.", }, ], impacts: [ { descriptions: [ { lang: "en", value: "Denial of service, information disclosure, data tampering", }, ], }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-822", description: "CWE-822", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-13T21:23:29.556Z", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", }, ], source: { discovery: "UNKNOWN", }, title: "CVE", }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2024-0091", datePublished: "2024-06-13T21:23:29.556Z", dateReserved: "2023-12-02T00:42:00.978Z", dateUpdated: "2024-08-01T17:41:15.985Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42264
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 13:03
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause the use of an out-of-range pointer offset, which may lead to data tampering, data loss, information disclosure, or denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | ||
| https://security.gentoo.org/glsa/202310-02 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager) |
Version: All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:03:45.935Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause the use of an out-of-range pointer offset, which may lead to data tampering, data loss, information disclosure, or denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-823", description: "CWE-823", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:07:34.539622", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-42264", datePublished: "2022-12-30T00:00:00", dateReserved: "2022-10-03T00:00:00", dateUpdated: "2024-08-03T13:03:45.935Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-0090
Vulnerability from cvelistv5
Published
2024-06-13 21:23
Modified
2024-08-01 17:41
Severity ?
EPSS score ?
Summary
NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| nvidia | GPU display driver, vGPU software, and Cloud Gaming |
Version: All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "gpu_display_driver", vendor: "nvidia", versions: [ { lessThanOrEqual: "17.1", status: "affected", version: "0", versionType: "custom", }, { lessThanOrEqual: "16.5", status: "affected", version: "0", versionType: "custom", }, { lessThanOrEqual: "13.10", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:nvidia:virtual_gpu:-:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "virtual_gpu", vendor: "nvidia", versions: [ { lessThanOrEqual: "16.5", status: "affected", version: "0", versionType: "custom", }, { lessThanOrEqual: "17.1", status: "affected", version: "0", versionType: "custom", }, { lessThanOrEqual: "13.10", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:nvidia:cloud_gaming:-:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "cloud_gaming", vendor: "nvidia", versions: [ { lessThanOrEqual: "13.10", status: "affected", version: "0", versionType: "custom", }, { lessThanOrEqual: "17.1", status: "affected", version: "0", versionType: "custom", }, { lessThanOrEqual: "16.5", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-0090", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-06-14T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-15T03:55:33.792Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T17:41:15.818Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "GPU display driver, vGPU software, and Cloud Gaming", vendor: "nvidia", versions: [ { status: "affected", version: "All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: true, type: "text/html", value: "NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.", }, ], value: "NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.", }, ], impacts: [ { descriptions: [ { lang: "en", value: "Code execution, denial of service, escalation of privileges, information disclosure, data tampering", }, ], }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-13T21:23:28.800Z", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", }, ], source: { discovery: "UNKNOWN", }, title: "CVE", }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2024-0090", datePublished: "2024-06-13T21:23:28.800Z", dateReserved: "2023-12-02T00:41:59.934Z", dateUpdated: "2024-08-01T17:41:15.818Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-0184
Vulnerability from cvelistv5
Published
2023-04-22 02:18
Modified
2025-02-13 16:38
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler which may lead to denial of service, escalation of privileges, information disclosure, and data tampering.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU Display Driver |
Version: All versions prior to and including 15.1, 13.6, 11.11, and all versions prior to and including February 2023 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T05:02:43.745Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5452", }, { tags: [ "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-0184", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-04T19:18:57.440585Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-04T19:19:34.685Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "NVIDIA GPU Display Driver", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 15.1, 13.6, 11.11, and all versions prior to and including February 2023 release", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: true, type: "text/html", value: "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler which may lead to denial of service, escalation of privileges, information disclosure, and data tampering.", }, ], value: "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler which may lead to denial of service, escalation of privileges, information disclosure, and data tampering.", }, ], impacts: [ { descriptions: [ { lang: "en", value: "Denial of Service, Escalation of Privileges, Information Disclosure, Data Tampering", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-822", description: "CWE-822", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:07:18.482Z", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5452", }, { url: "https://security.gentoo.org/glsa/202310-02", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2023-0184", datePublished: "2023-04-22T02:18:16.993Z", dateReserved: "2023-01-11T05:48:41.769Z", dateUpdated: "2025-02-13T16:38:45.624Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42265
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 13:03
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to information disclosure or data tampering.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | ||
| https://security.gentoo.org/glsa/202310-02 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU Display Driver for Linux |
Version: All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:03:45.680Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA GPU Display Driver for Linux", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to information disclosure or data tampering.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:06:38.886320", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-42265", datePublished: "2022-12-30T00:00:00", dateReserved: "2022-10-03T00:00:00", dateUpdated: "2024-08-03T13:03:45.680Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42263
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 13:03
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an Integer overflow may lead to denial of service or information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | ||
| https://security.gentoo.org/glsa/202310-02 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager) |
Version: All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:03:45.675Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an Integer overflow may lead to denial of service or information disclosure.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:07:26.872007", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-42263", datePublished: "2022-12-30T00:00:00", dateReserved: "2022-10-03T00:00:00", dateUpdated: "2024-08-03T13:03:45.675Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-34677
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 09:15
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager) |
Version: All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:15:15.722Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "[debian-lts-announce] 20230511 [SECURITY] [DLA 3418-1] nvidia-graphics-drivers-legacy-390xx security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:06:41.944367", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "[debian-lts-announce] 20230511 [SECURITY] [DLA 3418-1] nvidia-graphics-drivers-legacy-390xx security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-34677", datePublished: "2022-12-30T00:00:00", dateReserved: "2022-06-27T00:00:00", dateUpdated: "2024-08-03T09:15:15.722Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-0190
Vulnerability from cvelistv5
Published
2023-04-22 02:19
Modified
2025-02-13 16:38
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a NULL pointer dereference may lead to denial of service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU Display Driver |
Version: All versions prior to and including 15.1, 13.6, 11.11, and all versions prior to and including February 2023 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T05:02:43.809Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5452", }, { tags: [ "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-0190", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-04T19:18:37.949508Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-04T19:18:42.396Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "NVIDIA GPU Display Driver", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 15.1, 13.6, 11.11, and all versions prior to and including February 2023 release", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: true, type: "text/html", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a NULL pointer dereference may lead to denial of service.", }, ], value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a NULL pointer dereference may lead to denial of service.", }, ], impacts: [ { descriptions: [ { lang: "en", value: "Denial of Service", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:07:31.982Z", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5452", }, { url: "https://security.gentoo.org/glsa/202310-02", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2023-0190", datePublished: "2023-04-22T02:19:06.133Z", dateReserved: "2023-01-11T05:48:45.857Z", dateUpdated: "2025-02-13T16:38:48.911Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-31615
Vulnerability from cvelistv5
Published
2022-11-18 00:00
Modified
2024-08-03 07:26
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | ||
| https://security.gentoo.org/glsa/202310-02 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | GeForce, Workstation, Compute |
Version: All versions prior to the August 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:26:01.302Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5383", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "GeForce, Workstation, Compute", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to the August 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:06:49.627028", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5383", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-31615", datePublished: "2022-11-18T00:00:00", dateReserved: "2022-05-24T00:00:00", dateUpdated: "2024-08-03T07:26:01.302Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-0092
Vulnerability from cvelistv5
Published
2024-06-13 21:23
Modified
2024-08-01 17:41
Severity ?
EPSS score ?
Summary
NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| nvidia | GPU display driver, vGPU software, and Cloud Gaming |
Version: All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-0092", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-17T16:45:14.826848Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-17T16:45:23.624Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T17:41:15.947Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "GPU display driver, vGPU software, and Cloud Gaming", vendor: "nvidia", versions: [ { status: "affected", version: "All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: true, type: "text/html", value: "NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service.", }, ], value: "NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service.", }, ], impacts: [ { descriptions: [ { lang: "en", value: "Denial of service", }, ], }, ], metrics: [ { cvssV3_1: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-703", description: "CWE-703", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-13T21:23:30.327Z", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", }, ], source: { discovery: "UNKNOWN", }, title: "CVE", }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2024-0092", datePublished: "2024-06-13T21:23:30.327Z", dateReserved: "2023-12-02T00:42:01.816Z", dateUpdated: "2024-08-01T17:41:15.947Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42257
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 13:03
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to information disclosure, data tampering or denial of service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager) |
Version: All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:03:45.760Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "[debian-lts-announce] 20230511 [SECURITY] [DLA 3418-1] nvidia-graphics-drivers-legacy-390xx security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to information disclosure, data tampering or denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:07:37.405120", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { name: "[debian-lts-announce] 20230511 [SECURITY] [DLA 3418-1] nvidia-graphics-drivers-legacy-390xx security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-42257", datePublished: "2022-12-30T00:00:00", dateReserved: "2022-10-03T00:00:00", dateUpdated: "2024-08-03T13:03:45.760Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-31608
Vulnerability from cvelistv5
Published
2022-11-18 00:00
Modified
2024-08-03 07:26
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | ||
| https://security.gentoo.org/glsa/202310-02 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | GeForce, Workstation, Compute |
Version: All versions prior to the August 2022 release |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:26:00.902Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5383", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "GeForce, Workstation, Compute", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to the August 2022 release", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-281", description: "CWE-281 Improper Preservation of Permissions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T14:06:26.816560", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5383", }, { name: "GLSA-202310-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-31608", datePublished: "2022-11-18T00:00:00", dateReserved: "2022-05-24T00:00:00", dateUpdated: "2024-08-03T07:26:00.902Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2024-11-21 07:24
Severity ?
5.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to information disclosure or data tampering.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to information disclosure or data tampering.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en la capa del modo kernel (nvidia.ko), donde un desbordamiento de enteros puede provocar la divulgación de información o la manipulación de datos.", }, ], id: "CVE-2022-42265", lastModified: "2024-11-21T07:24:37.133", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.4, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-30T23:15:11.513", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2024-11-21 07:09
Severity ?
6.8 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical pages than were requested, which may lead to undefined behavior or an information leak.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "3DEA3DEB-3A91-412A-B4EF-61B0B2BE527F", versionEndExcluding: "390.157", versionStartIncluding: "390", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "2780BAF8-20EC-4F42-A6EB-536255082FF6", versionEndExcluding: "525.60.11", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "92F71F1A-E866-4C73-BA7E-CA72CDCCF295", versionEndExcluding: "450.216.04", versionStartIncluding: "450", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "2780BAF8-20EC-4F42-A6EB-536255082FF6", versionEndExcluding: "525.60.11", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B75400C8-5AFF-4ED9-AF91-024FE6D125E0", versionEndExcluding: "525.60.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "85A2D2C0-6EF1-442E-987A-006E2652D955", versionEndExcluding: "11.11", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "0C9963BB-DC0D-4799-84C4-B3A36BCE125B", versionEndExcluding: "13.6", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "230B9F4E-DFDF-4492-BE31-E781D1D3A956", versionEndExcluding: "14.4", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B1145182-F629-44ED-B37B-D2DBE726210C", versionEndExcluding: "525.60.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical pages than were requested, which may lead to undefined behavior or an information leak.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en el controlador de capa del modo kernel, donde una función auxiliar asigna más páginas físicas de las solicitadas, lo que puede provocar un comportamiento indefinido o una fuga de información.", }, ], id: "CVE-2022-34674", lastModified: "2024-11-21T07:09:57.467", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.5, impactScore: 4.2, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-30T23:15:09.710", references: [ { source: "psirt@nvidia.com", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-11-19 00:15
Modified
2024-11-21 07:04
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | rtx | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | tesla | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "C1777FEA-7B6B-4629-BFFD-E45492C96D18", versionEndExcluding: "390.154", versionStartIncluding: "390", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "677332FE-B818-48A9-82EE-474703AE1D81", versionEndExcluding: "470.141.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "C8E67FE7-2A7D-4FC0-A623-A981FD5776AB", versionEndExcluding: "510.85.02", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "8603E59F-1C4A-4A15-B28B-1665D5AE5B58", versionEndExcluding: "515.65.01", versionStartIncluding: "515", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "6B30520A-D378-4CC8-812D-3B443740D6E3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "C1777FEA-7B6B-4629-BFFD-E45492C96D18", versionEndExcluding: "390.154", versionStartIncluding: "390", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "677332FE-B818-48A9-82EE-474703AE1D81", versionEndExcluding: "470.141.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "C8E67FE7-2A7D-4FC0-A623-A981FD5776AB", versionEndExcluding: "510.85.02", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "8603E59F-1C4A-4A15-B28B-1665D5AE5B58", versionEndExcluding: "515.65.01", versionStartIncluding: "515", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "6A5C4A60-A16B-4BDA-BFDF-482A254F237F", versionEndExcluding: "450.203.03", versionStartIncluding: "450", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "677332FE-B818-48A9-82EE-474703AE1D81", versionEndExcluding: "470.141.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "C8E67FE7-2A7D-4FC0-A623-A981FD5776AB", versionEndExcluding: "510.85.02", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "8603E59F-1C4A-4A15-B28B-1665D5AE5B58", versionEndExcluding: "515.65.01", versionStartIncluding: "515", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "75C6DE26-88F2-428E-B761-754BD027E015", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en la capa del modo kernel, donde un usuario local con capacidades básicas puede provocar una desreferencia de puntero nulo, lo que puede provocar una Denegación de Servicio (DoS).", }, ], id: "CVE-2022-31615", lastModified: "2024-11-21T07:04:51.337", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-11-19T00:15:26.543", references: [ { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5383", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5383", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2024-11-21 07:09
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an integer truncation can lead to an out-of-bounds read, which may lead to denial of service.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "3DEA3DEB-3A91-412A-B4EF-61B0B2BE527F", versionEndExcluding: "390.157", versionStartIncluding: "390", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "2780BAF8-20EC-4F42-A6EB-536255082FF6", versionEndExcluding: "525.60.11", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "92F71F1A-E866-4C73-BA7E-CA72CDCCF295", versionEndExcluding: "450.216.04", versionStartIncluding: "450", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "2780BAF8-20EC-4F42-A6EB-536255082FF6", versionEndExcluding: "525.60.11", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B75400C8-5AFF-4ED9-AF91-024FE6D125E0", versionEndExcluding: "525.60.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "85A2D2C0-6EF1-442E-987A-006E2652D955", versionEndExcluding: "11.11", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "0C9963BB-DC0D-4799-84C4-B3A36BCE125B", versionEndExcluding: "13.6", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "230B9F4E-DFDF-4492-BE31-E781D1D3A956", versionEndExcluding: "14.4", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B1145182-F629-44ED-B37B-D2DBE726210C", versionEndExcluding: "525.60.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an integer truncation can lead to an out-of-bounds read, which may lead to denial of service.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en el controlador de capa del modo kernel, donde un truncamiento de números enteros puede provocar una lectura fuera de los límites, lo que puede provocar una Denegación de Servicio (DoS).", }, ], id: "CVE-2022-34680", lastModified: "2024-11-21T07:09:58.323", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-30T23:15:10.247", references: [ { source: "psirt@nvidia.com", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-197", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-681", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2024-11-21 07:24
Severity ?
5.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service, data tampering, or information disclosure.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "3DEA3DEB-3A91-412A-B4EF-61B0B2BE527F", versionEndExcluding: "390.157", versionStartIncluding: "390", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "2780BAF8-20EC-4F42-A6EB-536255082FF6", versionEndExcluding: "525.60.11", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "92F71F1A-E866-4C73-BA7E-CA72CDCCF295", versionEndExcluding: "450.216.04", versionStartIncluding: "450", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "2780BAF8-20EC-4F42-A6EB-536255082FF6", versionEndExcluding: "525.60.11", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B75400C8-5AFF-4ED9-AF91-024FE6D125E0", versionEndExcluding: "525.60.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "85A2D2C0-6EF1-442E-987A-006E2652D955", versionEndExcluding: "11.11", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "0C9963BB-DC0D-4799-84C4-B3A36BCE125B", versionEndExcluding: "13.6", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "230B9F4E-DFDF-4492-BE31-E781D1D3A956", versionEndExcluding: "14.4", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B1145182-F629-44ED-B37B-D2DBE726210C", versionEndExcluding: "525.60.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service, data tampering, or information disclosure.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en la capa del modo kernel (nvidia.ko), donde un desbordamiento de enteros puede provocar Denegación de Servicio (DoS), manipulación de datos o divulgación de información.", }, ], id: "CVE-2022-42258", lastModified: "2024-11-21T07:24:36.087", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.4, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-30T23:15:10.963", references: [ { source: "psirt@nvidia.com", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-22 03:15
Modified
2024-11-21 07:36
Severity ?
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler which may lead to denial of service, escalation of privileges, information disclosure, and data tampering.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5452 | Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5452 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | nvs | - | |
| nvidia | quadro | - | |
| nvidia | rtx | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | tesla | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | tesla | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | nvs | - | |
| nvidia | quadro | - | |
| nvidia | rtx | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | studio | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "9D77307A-16B0-4C98-A8AC-ECBFB2EC434C", versionEndExcluding: "470.182.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "2684008A-1AAD-445D-BBC1-7073FDD5442A", versionEndExcluding: "515.105.01", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "D6836303-BA7D-4E65-948B-2BC67CA635F5", versionEndExcluding: "525.105.17", versionStartIncluding: "525", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "9C654F1D-85AD-4838-AA0B-D1FAEAC6FF71", versionEndExcluding: "530.41.03", versionStartIncluding: "530", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "7906887A-3589-422F-BCC0-0547DEA150A6", versionEndExcluding: "450.236.01", versionStartIncluding: "450", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "2E2902D2-633E-4065-ABD5-A7A2CBD9965E", versionEndExcluding: "454.14", versionStartIncluding: "450", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "122A3080-A6A7-4F69-8A11-2247C56E3512", versionEndExcluding: "474.30", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "ABFB6AEB-975B-488F-B490-7535D1F04075", versionEndExcluding: "518.03", versionStartIncluding: "515", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "0C4C06DD-AF93-4497-8712-D8115842DE59", versionEndExcluding: "528.89", versionStartIncluding: "525", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "6D446FAB-5082-43E7-A4E0-D35B3E2E3BB2", versionEndExcluding: "531.41", versionStartIncluding: "530", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*", matchCriteriaId: "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "122A3080-A6A7-4F69-8A11-2247C56E3512", versionEndExcluding: "474.30", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "6D446FAB-5082-43E7-A4E0-D35B3E2E3BB2", versionEndExcluding: "531.41", versionStartIncluding: "530", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler which may lead to denial of service, escalation of privileges, information disclosure, and data tampering.", }, ], id: "CVE-2023-0184", lastModified: "2024-11-21T07:36:42.360", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-22T03:15:08.817", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5452", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5452", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-822", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-06-13 22:15
Modified
2024-11-21 08:45
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a previous client or another process could be disclosed. A successful exploit of this vulnerability might lead to code execution, information disclosure, or data tampering.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | nvs | - | |
| nvidia | quadro | - | |
| nvidia | rtx | - | |
| nvidia | studio | - | |
| nvidia | tesla | - | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| microsoft | windows | - | |
| nvidia | cloud_gaming | * | |
| microsoft | windows | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "32EB51D2-1F34-4D1D-8B23-4029E350140F", versionEndExcluding: "475.06", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "6A930DF9-CB95-4BE4-999C-D75AB2C8C4AC", versionEndExcluding: "538.67", versionStartIncluding: "535", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "5C44719A-BFA0-479C-97D4-26301F4E2C63", versionEndExcluding: "552.55", versionStartIncluding: "550", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "940E9BEA-9FBE-4E3B-A79D-111C52653E5F", versionEndExcluding: "555.99", versionStartIncluding: "555", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*", matchCriteriaId: "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "44592EFE-8D69-4B7F-B089-A612B5217199", versionEndExcluding: "13.11", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "A5CBF021-7A5A-412A-BBC2-EB75C6343BB1", versionEndExcluding: "16.6", versionStartIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "2DFC08A7-3121-4D8F-88A6-9304C173A439", versionEndExcluding: "17.2", versionStartIncluding: "17.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "5C8E669A-9DE1-42BD-94B1-98437BB66002", versionEndExcluding: "555.99", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a previous client or another process could be disclosed. A successful exploit of this vulnerability might lead to code execution, information disclosure, or data tampering.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Windows contiene una vulnerabilidad en la que se podría revelar información de un cliente anterior u otro proceso. Una explotación exitosa de esta vulnerabilidad podría provocar la ejecución de código, la divulgación de información o la manipulación de datos.", }, ], id: "CVE-2024-0089", lastModified: "2024-11-21T08:45:52.277", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-06-13T22:15:11.940", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-665", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-665", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2024-11-21 07:09
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
NVIDIA Display Driver for Linux contains a vulnerability in the Virtual GPU Manager, where it does not check the return value from a null-pointer dereference, which may lead to denial of service.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "3DEA3DEB-3A91-412A-B4EF-61B0B2BE527F", versionEndExcluding: "390.157", versionStartIncluding: "390", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "2780BAF8-20EC-4F42-A6EB-536255082FF6", versionEndExcluding: "525.60.11", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "92F71F1A-E866-4C73-BA7E-CA72CDCCF295", versionEndExcluding: "450.216.04", versionStartIncluding: "450", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "2780BAF8-20EC-4F42-A6EB-536255082FF6", versionEndExcluding: "525.60.11", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B75400C8-5AFF-4ED9-AF91-024FE6D125E0", versionEndExcluding: "525.60.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA Display Driver for Linux contains a vulnerability in the Virtual GPU Manager, where it does not check the return value from a null-pointer dereference, which may lead to denial of service.", }, { lang: "es", value: "NVIDIA Display Driver para Linux contiene una vulnerabilidad en Virtual GPU Manager, donde no verifica el valor de retorno de una desreferencia de puntero nulo, lo que puede provocar una Denegación de Servicio (DoS).", }, ], id: "CVE-2022-34675", lastModified: "2024-11-21T07:09:57.633", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-30T23:15:09.807", references: [ { source: "psirt@nvidia.com", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-11-19 00:15
Modified
2024-11-21 07:04
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "C1777FEA-7B6B-4629-BFFD-E45492C96D18", versionEndExcluding: "390.154", versionStartIncluding: "390", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "677332FE-B818-48A9-82EE-474703AE1D81", versionEndExcluding: "470.141.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "C8E67FE7-2A7D-4FC0-A623-A981FD5776AB", versionEndExcluding: "510.85.02", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "8603E59F-1C4A-4A15-B28B-1665D5AE5B58", versionEndExcluding: "515.65.01", versionStartIncluding: "515", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "6B30520A-D378-4CC8-812D-3B443740D6E3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming_guest:*:*:*:*:*:*:*:*", matchCriteriaId: "BF656F94-6425-44EC-BCDA-6E9F9BC7546B", versionEndExcluding: "515.65.01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "C1777FEA-7B6B-4629-BFFD-E45492C96D18", versionEndExcluding: "390.154", versionStartIncluding: "390", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "677332FE-B818-48A9-82EE-474703AE1D81", versionEndExcluding: "470.141.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "C8E67FE7-2A7D-4FC0-A623-A981FD5776AB", versionEndExcluding: "510.85.02", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "8603E59F-1C4A-4A15-B28B-1665D5AE5B58", versionEndExcluding: "515.65.01", versionStartIncluding: "515", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "6A5C4A60-A16B-4BDA-BFDF-482A254F237F", versionEndExcluding: "450.203.03", versionStartIncluding: "450", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "677332FE-B818-48A9-82EE-474703AE1D81", versionEndExcluding: "470.141.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "C8E67FE7-2A7D-4FC0-A623-A981FD5776AB", versionEndExcluding: "510.85.02", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "8603E59F-1C4A-4A15-B28B-1665D5AE5B58", versionEndExcluding: "515.65.01", versionStartIncluding: "515", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "75C6DE26-88F2-428E-B761-754BD027E015", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en la capa del modo kernel (nvidia.ko), donde un usuario local con capacidades básicas puede provocar una validación de entrada incorrecta, lo que puede provocar Denegación de Servicio (DoS), escalada de privilegios, manipulación de datos y acceso limitado divulgación de información.", }, ], id: "CVE-2022-31607", lastModified: "2024-11-21T07:04:50.300", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-11-19T00:15:23.190", references: [ { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5383", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5383", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2024-11-21 07:24
Severity ?
5.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to information disclosure, data tampering or denial of service.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "3DEA3DEB-3A91-412A-B4EF-61B0B2BE527F", versionEndExcluding: "390.157", versionStartIncluding: "390", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "2780BAF8-20EC-4F42-A6EB-536255082FF6", versionEndExcluding: "525.60.11", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "92F71F1A-E866-4C73-BA7E-CA72CDCCF295", versionEndExcluding: "450.216.04", versionStartIncluding: "450", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "2780BAF8-20EC-4F42-A6EB-536255082FF6", versionEndExcluding: "525.60.11", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B75400C8-5AFF-4ED9-AF91-024FE6D125E0", versionEndExcluding: "525.60.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "85A2D2C0-6EF1-442E-987A-006E2652D955", versionEndExcluding: "11.11", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "0C9963BB-DC0D-4799-84C4-B3A36BCE125B", versionEndExcluding: "13.6", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "230B9F4E-DFDF-4492-BE31-E781D1D3A956", versionEndExcluding: "14.4", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B1145182-F629-44ED-B37B-D2DBE726210C", versionEndExcluding: "525.60.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to information disclosure, data tampering or denial of service.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en la capa del modo kernel (nvidia.ko), donde un desbordamiento de enteros puede provocar la divulgación de información, la manipulación de datos o la Denegación de Servicio (DoS).", }, ], id: "CVE-2022-42257", lastModified: "2024-11-21T07:24:35.930", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.4, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-30T23:15:10.897", references: [ { source: "psirt@nvidia.com", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-23 18:15
Modified
2024-11-21 07:49
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.6 (High) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
7.6 (High) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code execution, denial of service, escalation of privileges, data tampering, or information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | studio | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | nvs | - | |
| nvidia | quadro | - | |
| nvidia | rtx | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | tesla | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | nvs | - | |
| nvidia | quadro | - | |
| nvidia | rtx | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | tesla | - | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| microsoft | windows | - | |
| nvidia | cloud_gaming | * | |
| microsoft | windows | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "BE5B7AC6-3A49-46AB-A466-216515A2E7D6", versionEndExcluding: "474.44", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "FE08BF6D-C3C1-4905-85FD-3D1A4CB612F4", versionEndExcluding: "536.23", versionStartIncluding: "530", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "0F7FEA94-AA4F-46ED-9CA7-E0811E354637", versionEndExcluding: "536.40", versionStartIncluding: "530", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*", matchCriteriaId: "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "BE5B7AC6-3A49-46AB-A466-216515A2E7D6", versionEndExcluding: "474.44", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "4F7E5174-40CB-46BA-BA7B-363D5949C99B", versionEndExcluding: "529.11", versionStartIncluding: "525", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "092849D3-A62C-43E5-BDD7-5A4D7CA45794", versionEndExcluding: "536.25", versionStartIncluding: "530", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "AFDAA231-118A-4246-A53E-C3F144BD027A", versionEndExcluding: "454.23", versionStartIncluding: "450", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "BE5B7AC6-3A49-46AB-A466-216515A2E7D6", versionEndExcluding: "474.44", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "4F7E5174-40CB-46BA-BA7B-363D5949C99B", versionEndExcluding: "529.11", versionStartIncluding: "525", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "092849D3-A62C-43E5-BDD7-5A4D7CA45794", versionEndExcluding: "536.25", versionStartIncluding: "530", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "F74C5712-6BF6-486E-8B72-BBAD45F428CB", versionEndExcluding: "470.199.02", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "23955A71-2DD7-4A63-BA9E-05967C40E49B", versionEndExcluding: "525.125.06", versionStartIncluding: "525", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "D069A217-D9A2-4B07-91CA-424852FD4A85", versionEndExcluding: "535.54.03", versionStartIncluding: "530", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "613588B1-1B4C-43E3-8327-528D512F3A76", versionEndExcluding: "450.248.02", versionStartIncluding: "450", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "F74C5712-6BF6-486E-8B72-BBAD45F428CB", versionEndExcluding: "470.199.02", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "23955A71-2DD7-4A63-BA9E-05967C40E49B", versionEndExcluding: "525.125.06", versionStartIncluding: "525", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "D069A217-D9A2-4B07-91CA-424852FD4A85", versionEndExcluding: "535.54.03", versionStartIncluding: "530", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "81A64668-3B60-402B-B0EF-919079700FB9", versionEndExcluding: "11.12", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "65AFFB06-AC6E-426A-97D0-768F34853D6A", versionEndExcluding: "13.7", versionStartIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "41388772-0B7C-4238-8021-590D0F1C0CE8", versionEndExcluding: "15.2", versionStartIncluding: "15.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "A8D1ABE1-A024-4BD1-832A-AB459D85227D", versionEndExcluding: "531.79", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "\n\n\nNVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code execution, denial of service, escalation of privileges, data tampering, or information disclosure.\n\n \n\n", }, ], id: "CVE-2023-25515", lastModified: "2024-11-21T07:49:38.937", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-23T18:15:10.887", references: [ { source: "psirt@nvidia.com", url: "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5468", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5468", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-822", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-06-13 22:15
Modified
2024-11-21 08:45
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | nvs | - | |
| nvidia | quadro | - | |
| nvidia | rtx | - | |
| nvidia | studio | - | |
| nvidia | tesla | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | nvs | - | |
| nvidia | quadro | - | |
| nvidia | rtx | - | |
| nvidia | tesla | - | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| canonical | ubuntu_linux | - | |
| citrix | hypervisor | - | |
| linux | linux_kernel | - | |
| microsoft | windows | - | |
| redhat | enterprise_linux_kernel-based_virtual_machine | - | |
| vmware | vsphere | - | |
| nvidia | cloud_gaming | * | |
| microsoft | windows | - | |
| nvidia | cloud_gaming | * | |
| linux | linux_kernel | - | |
| redhat | enterprise_linux_kernel-based_virtual_machine | - | |
| vmware | vsphere | - | |
| nvidia | virtual_gpu | * | |
| microsoft | azure_stack_hci | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "5C44719A-BFA0-479C-97D4-26301F4E2C63", versionEndExcluding: "552.55", versionStartIncluding: "550", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "940E9BEA-9FBE-4E3B-A79D-111C52653E5F", versionEndExcluding: "555.99", versionStartIncluding: "555", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*", matchCriteriaId: "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "9BEA1462-AA33-4ED9-91CD-737525B9E2C4", versionEndExcluding: "550.90.07", versionStartIncluding: "550", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "B0AB9E55-DB20-4FA4-8900-61C224514B49", versionEndExcluding: "555.52.04", versionStartIncluding: "555", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "44592EFE-8D69-4B7F-B089-A612B5217199", versionEndExcluding: "13.11", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "A5CBF021-7A5A-412A-BBC2-EB75C6343BB1", versionEndExcluding: "16.6", versionStartIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "2DFC08A7-3121-4D8F-88A6-9304C173A439", versionEndExcluding: "17.2", versionStartIncluding: "17.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:-:*:*:*:*:*:*:*", matchCriteriaId: "019A2188-0877-45DE-8512-F0BF70DD179C", vulnerable: false, }, { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "5C8E669A-9DE1-42BD-94B1-98437BB66002", versionEndExcluding: "555.99", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "699C6D58-B26C-4F27-A1BD-A1A80E0D6A36", versionEndExcluding: "555.52.04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "6907E2B7-9C1A-4964-A6D3-CF16E376B91E", versionEndExcluding: "17.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:azure_stack_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "1CF31A34-9492-498F-8A78-F233C0075CB2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering.", }, { lang: "es", value: "El controlador de pantalla GPU NVIDIA para Windows y Linux contiene una vulnerabilidad en la que un usuario puede provocar una desreferencia de un puntero que no es de confianza ejecutando una API del controlador. Una explotación exitosa de esta vulnerabilidad podría provocar denegación de servicio, divulgación de información y manipulación de datos.", }, ], id: "CVE-2024-0091", lastModified: "2024-11-21T08:45:52.570", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-06-13T22:15:12.430", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-822", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-06-13 22:15
Modified
2024-11-21 08:45
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "32EB51D2-1F34-4D1D-8B23-4029E350140F", versionEndExcluding: "475.06", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "6A930DF9-CB95-4BE4-999C-D75AB2C8C4AC", versionEndExcluding: "538.67", versionStartIncluding: "535", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "5C44719A-BFA0-479C-97D4-26301F4E2C63", versionEndExcluding: "552.55", versionStartIncluding: "550", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "940E9BEA-9FBE-4E3B-A79D-111C52653E5F", versionEndExcluding: "555.99", versionStartIncluding: "555", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*", matchCriteriaId: "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "D66C0B72-0A3F-4D61-8BF5-B0BED03014E0", versionEndExcluding: "470.256.02", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "3EC43E03-3909-4AB5-A9FD-198E55167AD2", versionEndExcluding: "535.180.01", versionStartIncluding: "535", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "9BEA1462-AA33-4ED9-91CD-737525B9E2C4", versionEndExcluding: "550.90.07", versionStartIncluding: "550", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "B0AB9E55-DB20-4FA4-8900-61C224514B49", versionEndExcluding: "555.52.04", versionStartIncluding: "555", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "44592EFE-8D69-4B7F-B089-A612B5217199", versionEndExcluding: "13.11", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "A5CBF021-7A5A-412A-BBC2-EB75C6343BB1", versionEndExcluding: "16.6", versionStartIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "2DFC08A7-3121-4D8F-88A6-9304C173A439", versionEndExcluding: "17.2", versionStartIncluding: "17.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:-:*:*:*:*:*:*:*", matchCriteriaId: "019A2188-0877-45DE-8512-F0BF70DD179C", vulnerable: false, }, { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "29526088-0276-428D-AD82-F3F91666A9DA", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "699C6D58-B26C-4F27-A1BD-A1A80E0D6A36", versionEndExcluding: "555.52.04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "6907E2B7-9C1A-4964-A6D3-CF16E376B91E", versionEndExcluding: "17.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:azure_stack_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "1CF31A34-9492-498F-8A78-F233C0075CB2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service.", }, { lang: "es", value: "El controlador NVIDIA GPU para Windows y Linux contiene una vulnerabilidad en la que una verificación incorrecta o un manejo inadecuado de las condiciones de excepción podrían provocar una denegación de servicio.", }, ], id: "CVE-2024-0092", lastModified: "2024-11-21T08:45:52.720", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-06-13T22:15:12.647", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-703", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2024-11-21 07:09
Severity ?
5.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an off-by-one error may lead to data tampering or information disclosure.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| citrix | hypervisor | - | |
| linux | linux_kernel | - | |
| redhat | enterprise_linux_kernel-based_virtual_machine | - | |
| vmware | vsphere | - | |
| nvidia | cloud_gaming | * | |
| linux | linux_kernel | - | |
| nvidia | cloud_gaming | * | |
| citrix | hypervisor | - | |
| redhat | enterprise_linux_kernel-based_virtual_machine | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | nvs | - | |
| nvidia | quadro | - | |
| nvidia | rtx | - | |
| nvidia | tesla | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "85A2D2C0-6EF1-442E-987A-006E2652D955", versionEndExcluding: "11.11", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "0C9963BB-DC0D-4799-84C4-B3A36BCE125B", versionEndExcluding: "13.6", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "230B9F4E-DFDF-4492-BE31-E781D1D3A956", versionEndExcluding: "14.4", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B1145182-F629-44ED-B37B-D2DBE726210C", versionEndExcluding: "525.60.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B75400C8-5AFF-4ED9-AF91-024FE6D125E0", versionEndExcluding: "525.60.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an off-by-one error may lead to data tampering or information disclosure.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en la capa del modo kernel (nvidia.ko), donde un error de uno en uno puede provocar manipulación de datos o divulgación de información.", }, ], id: "CVE-2022-34684", lastModified: "2024-11-21T07:09:58.863", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.4, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-30T23:15:10.583", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-193", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-08-08 17:15
Modified
2024-09-17 12:10
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5557 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | quadro | - | |
| nvidia | rtx | - | |
| nvidia | tesla | - | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| microsoft | windows | - | |
| nvidia | cloud_gaming | - | |
| microsoft | windows | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "F827DAD3-DE90-4D35-9714-BCE8867346F1", versionEndExcluding: "475.14", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "7DC94E15-087D-4EAC-A964-B7FCC52DF9A7", versionEndExcluding: "556.12", versionStartIncluding: "555", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "F827DAD3-DE90-4D35-9714-BCE8867346F1", versionEndExcluding: "475.14", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "7CAEE936-4CE3-4426-8427-101D4722769D", versionEndExcluding: "538.78", versionStartIncluding: "535", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "2659C6F1-055B-40F2-8346-CC5B13AC02C3", versionEndExcluding: "552.74", versionStartIncluding: "550", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "6D056325-704D-41DD-AEC4-800F533EC09C", versionEndExcluding: "13.12", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "8F8A6A1A-3E7C-4EF3-B036-FA7E280303ED", versionEndExcluding: "16.7", versionStartIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "36411217-8F4D-4D60-B42D-328F9EF4291D", versionEndExcluding: "17.3", versionStartIncluding: "17.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:-:*:*:*:*:*:*:*", matchCriteriaId: "34B75665-F0B3-4960-8879-709F699D915E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Windows contiene una vulnerabilidad en la capa de modo de usuario, donde un usuario normal sin privilegios puede provocar una lectura fuera de los límites. Una explotación exitosa de esta vulnerabilidad podría provocar la ejecución de código, denegación de servicio, escalada de privilegios, divulgación de información y manipulación de datos.", }, ], id: "CVE-2024-0107", lastModified: "2024-09-17T12:10:22.063", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-08-08T17:15:18.240", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5557", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-06-13 22:15
Modified
2024-11-21 08:45
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "32EB51D2-1F34-4D1D-8B23-4029E350140F", versionEndExcluding: "475.06", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "6A930DF9-CB95-4BE4-999C-D75AB2C8C4AC", versionEndExcluding: "538.67", versionStartIncluding: "535", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "5C44719A-BFA0-479C-97D4-26301F4E2C63", versionEndExcluding: "552.55", versionStartIncluding: "550", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "940E9BEA-9FBE-4E3B-A79D-111C52653E5F", versionEndExcluding: "555.99", versionStartIncluding: "555", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*", matchCriteriaId: "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "D66C0B72-0A3F-4D61-8BF5-B0BED03014E0", versionEndExcluding: "470.256.02", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "3EC43E03-3909-4AB5-A9FD-198E55167AD2", versionEndExcluding: "535.180.01", versionStartIncluding: "535", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "9BEA1462-AA33-4ED9-91CD-737525B9E2C4", versionEndExcluding: "550.90.07", versionStartIncluding: "550", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "B0AB9E55-DB20-4FA4-8900-61C224514B49", versionEndExcluding: "555.52.04", versionStartIncluding: "555", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "44592EFE-8D69-4B7F-B089-A612B5217199", versionEndExcluding: "13.11", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "A5CBF021-7A5A-412A-BBC2-EB75C6343BB1", versionEndExcluding: "16.6", versionStartIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "2DFC08A7-3121-4D8F-88A6-9304C173A439", versionEndExcluding: "17.2", versionStartIncluding: "17.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:-:*:*:*:*:*:*:*", matchCriteriaId: "019A2188-0877-45DE-8512-F0BF70DD179C", vulnerable: false, }, { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "5C8E669A-9DE1-42BD-94B1-98437BB66002", versionEndExcluding: "555.99", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "699C6D58-B26C-4F27-A1BD-A1A80E0D6A36", versionEndExcluding: "555.52.04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "6907E2B7-9C1A-4964-A6D3-CF16E376B91E", versionEndExcluding: "17.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:azure_stack_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "1CF31A34-9492-498F-8A78-F233C0075CB2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.", }, { lang: "es", value: "El controlador de GPU NVIDIA para Windows y Linux contiene una vulnerabilidad en la que un usuario puede provocar una escritura fuera de los límites. Una explotación exitosa de esta vulnerabilidad podría provocar la ejecución de código, denegación de servicio, escalada de privilegios, divulgación de información y manipulación de datos.", }, ], id: "CVE-2024-0090", lastModified: "2024-11-21T08:45:52.430", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-06-13T22:15:12.170", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2024-11-21 07:09
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en la capa del modo kernel (nvidia.ko), donde un acceso a la matriz fuera de los límites puede provocar Denegación de Servicio (DoS), divulgación de información o manipulación de datos.", }, ], id: "CVE-2022-34673", lastModified: "2024-11-21T07:09:57.323", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 2.5, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-30T23:15:09.610", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2024-11-21 07:24
Severity ?
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an Integer overflow may lead to denial of service or information disclosure.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "85A2D2C0-6EF1-442E-987A-006E2652D955", versionEndExcluding: "11.11", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "0C9963BB-DC0D-4799-84C4-B3A36BCE125B", versionEndExcluding: "13.6", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "230B9F4E-DFDF-4492-BE31-E781D1D3A956", versionEndExcluding: "14.4", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B1145182-F629-44ED-B37B-D2DBE726210C", versionEndExcluding: "525.60.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B75400C8-5AFF-4ED9-AF91-024FE6D125E0", versionEndExcluding: "525.60.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "92F71F1A-E866-4C73-BA7E-CA72CDCCF295", versionEndExcluding: "450.216.04", versionStartIncluding: "450", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an Integer overflow may lead to denial of service or information disclosure.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en el controlador de capa del modo kernel, donde un desbordamiento de enteros puede provocar Denegación de Servicio (DoS) o divulgación de información.", }, ], id: "CVE-2022-42263", lastModified: "2024-11-21T07:24:36.843", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.2, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-30T23:15:11.360", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2024-11-21 07:24
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "3DEA3DEB-3A91-412A-B4EF-61B0B2BE527F", versionEndExcluding: "390.157", versionStartIncluding: "390", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "2780BAF8-20EC-4F42-A6EB-536255082FF6", versionEndExcluding: "525.60.11", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "92F71F1A-E866-4C73-BA7E-CA72CDCCF295", versionEndExcluding: "450.216.04", versionStartIncluding: "450", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "2780BAF8-20EC-4F42-A6EB-536255082FF6", versionEndExcluding: "525.60.11", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B75400C8-5AFF-4ED9-AF91-024FE6D125E0", versionEndExcluding: "525.60.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "85A2D2C0-6EF1-442E-987A-006E2652D955", versionEndExcluding: "11.11", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "0C9963BB-DC0D-4799-84C4-B3A36BCE125B", versionEndExcluding: "13.6", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "230B9F4E-DFDF-4492-BE31-E781D1D3A956", versionEndExcluding: "14.4", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B1145182-F629-44ED-B37B-D2DBE726210C", versionEndExcluding: "525.60.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en la capa del modo kernel (nvidia.ko), donde un desbordamiento de enteros puede provocar una Denegación de Servicio (DoS).", }, ], id: "CVE-2022-42259", lastModified: "2024-11-21T07:24:36.247", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 2.5, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-30T23:15:11.030", references: [ { source: "psirt@nvidia.com", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2024-11-21 07:24
Severity ?
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause the use of an out-of-range pointer offset, which may lead to data tampering, data loss, information disclosure, or denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "85A2D2C0-6EF1-442E-987A-006E2652D955", versionEndExcluding: "11.11", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "0C9963BB-DC0D-4799-84C4-B3A36BCE125B", versionEndExcluding: "13.6", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "230B9F4E-DFDF-4492-BE31-E781D1D3A956", versionEndExcluding: "14.4", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B1145182-F629-44ED-B37B-D2DBE726210C", versionEndExcluding: "525.60.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B75400C8-5AFF-4ED9-AF91-024FE6D125E0", versionEndExcluding: "525.60.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "92F71F1A-E866-4C73-BA7E-CA72CDCCF295", versionEndExcluding: "450.216.04", versionStartIncluding: "450", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause the use of an out-of-range pointer offset, which may lead to data tampering, data loss, information disclosure, or denial of service.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en la capa del modo kernel, donde un usuario normal sin privilegios puede provocar el uso de un desplazamiento del puntero fuera de rango, lo que puede provocar manipulación o pérdida de datos, divulgación de información o denegación de acceso. servicio.", }, ], id: "CVE-2022-42264", lastModified: "2024-11-21T07:24:36.990", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.2, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-30T23:15:11.443", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-823", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2024-11-21 07:24
Severity ?
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| citrix | hypervisor | - | |
| linux | linux_kernel | - | |
| redhat | enterprise_linux_kernel-based_virtual_machine | - | |
| vmware | vsphere | - | |
| nvidia | cloud_gaming | * | |
| citrix | hypervisor | - | |
| redhat | enterprise_linux_kernel-based_virtual_machine | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | nvs | - | |
| nvidia | quadro | - | |
| nvidia | rtx | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | tesla | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "85A2D2C0-6EF1-442E-987A-006E2652D955", versionEndExcluding: "11.11", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "0C9963BB-DC0D-4799-84C4-B3A36BCE125B", versionEndExcluding: "13.6", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "230B9F4E-DFDF-4492-BE31-E781D1D3A956", versionEndExcluding: "14.4", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B75400C8-5AFF-4ED9-AF91-024FE6D125E0", versionEndExcluding: "525.60.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "92F71F1A-E866-4C73-BA7E-CA72CDCCF295", versionEndExcluding: "450.216.04", versionStartIncluding: "450", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service.", }, { lang: "es", value: "El software NVIDIA vGPU contiene una vulnerabilidad en Virtual GPU Manager (complemento vGPU), donde un índice de entrada no se valida, lo que puede provocar una saturación del búfer, lo que a su vez puede causar manipulación de datos, divulgación de información o Denegación de Servicio (DoS).", }, ], id: "CVE-2022-42262", lastModified: "2024-11-21T07:24:36.697", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.2, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-30T23:15:11.263", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2025-02-13 17:15
Severity ?
8.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the user-mode layer, where an unprivileged user can cause an out-of-bounds write, which may lead to code execution, information disclosure, and denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | nvs | - | |
| nvidia | quadro | - | |
| nvidia | rtx | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | tesla | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | studio | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "B19EABAD-2FA5-4C85-AF5A-86A92934E21F", versionEndExcluding: "474.14", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "92FDDB0C-1F5B-4559-8ACA-F7D889379384", versionEndExcluding: "514.08", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "7CD854B9-D2EA-4797-8CD6-5CE7BF431EDC", versionEndExcluding: "517.88", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "EFC7E8ED-C6D0-4ADB-B914-850B86E85DC6", versionEndExcluding: "527.27", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "1B6ED659-FE16-4240-AB72-F33BCEB67616", versionEndExcluding: "454.02", versionStartIncluding: "450", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "B19EABAD-2FA5-4C85-AF5A-86A92934E21F", versionEndExcluding: "474.14", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "92FDDB0C-1F5B-4559-8ACA-F7D889379384", versionEndExcluding: "514.08", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "E7C44AD7-7797-4CB6-B6B7-59176B72E417", versionEndIncluding: "517.88", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "E07CE5FB-5FE4-449B-9A8C-FE3836F355D2", versionEndExcluding: "527.41", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "FF62D74B-A5A4-4A81-9D00-DDA6A8A1F05D", versionEndExcluding: "526.98", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*", matchCriteriaId: "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "B19EABAD-2FA5-4C85-AF5A-86A92934E21F", versionEndExcluding: "474.14", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "FF62D74B-A5A4-4A81-9D00-DDA6A8A1F05D", versionEndExcluding: "526.98", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Windows contains a vulnerability in the user-mode layer, where an unprivileged user can cause an out-of-bounds write, which may lead to code execution, information disclosure, and denial of service.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Windows contiene una vulnerabilidad en la capa de modo de usuario, donde un usuario sin privilegios puede provocar una escritura fuera de los límites, lo que puede provocar la ejecución de código, la divulgación de información y la Denegación de Servicio (DoS).", }, ], id: "CVE-2022-34671", lastModified: "2025-02-13T17:15:41.260", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-30T23:15:09.430", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "psirt@nvidia.com", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5468", }, { source: "psirt@nvidia.com", url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1719", }, { source: "psirt@nvidia.com", url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1720", }, { source: "psirt@nvidia.com", url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5468", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1719", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1720", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1721", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2024-11-21 07:24
Severity ?
5.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, data tampering, or information disclosure.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| citrix | hypervisor | - | |
| linux | linux_kernel | - | |
| redhat | enterprise_linux_kernel-based_virtual_machine | - | |
| vmware | vsphere | - | |
| nvidia | cloud_gaming | * | |
| linux | linux_kernel | - | |
| nvidia | cloud_gaming | * | |
| citrix | hypervisor | - | |
| redhat | enterprise_linux_kernel-based_virtual_machine | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | nvs | - | |
| nvidia | quadro | - | |
| nvidia | rtx | - | |
| nvidia | tesla | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "85A2D2C0-6EF1-442E-987A-006E2652D955", versionEndExcluding: "11.11", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "0C9963BB-DC0D-4799-84C4-B3A36BCE125B", versionEndExcluding: "13.6", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "230B9F4E-DFDF-4492-BE31-E781D1D3A956", versionEndExcluding: "14.4", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B1145182-F629-44ED-B37B-D2DBE726210C", versionEndExcluding: "525.60.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B75400C8-5AFF-4ED9-AF91-024FE6D125E0", versionEndExcluding: "525.60.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, data tampering, or information disclosure.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en la capa del modo kernel (nvidia.ko), donde un acceso a la matriz fuera de los límites puede provocar Denegación de Servicio (DoS), manipulación de datos o divulgación de información.", }, ], id: "CVE-2022-42254", lastModified: "2024-11-21T07:24:35.500", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.4, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-30T23:15:10.657", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-129", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-02-07 20:15
Modified
2024-11-21 06:45
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming_guest:-:*:*:*:*:*:*:*", matchCriteriaId: "F3BF125D-2BDD-4DDB-B8A6-5D28E64157E5", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:*:*:*", matchCriteriaId: "C37AC285-221B-474F-8B3F-9DD7C586EB43", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*", matchCriteriaId: "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:-:*:*:*:*:*:*:*", matchCriteriaId: "A3CCCEEC-CB0F-412F-9DE5-CD86E2AF6B2A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Windows contiene una vulnerabilidad en el manejador de la capa del modo kernel (nvlddmkm.sys) para las IOCTL privadas en la que una desreferencia del puntero NULL en el kernel, creada dentro del código del modo de usuario, puede conllevar a una denegación de servicio en forma de bloqueo del sistema", }, ], id: "CVE-2022-21815", lastModified: "2024-11-21T06:45:29.350", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-02-07T20:15:07.887", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5312", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5312", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-22 03:15
Modified
2024-11-21 07:36
Severity ?
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Summary
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds write can lead to denial of service and data tampering.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5452 | Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5452 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | nvs | - | |
| nvidia | quadro | - | |
| nvidia | rtx | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | tesla | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | tesla | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | nvs | - | |
| nvidia | quadro | - | |
| nvidia | rtx | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | studio | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "9D77307A-16B0-4C98-A8AC-ECBFB2EC434C", versionEndExcluding: "470.182.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "2684008A-1AAD-445D-BBC1-7073FDD5442A", versionEndExcluding: "515.105.01", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "D6836303-BA7D-4E65-948B-2BC67CA635F5", versionEndExcluding: "525.105.17", versionStartIncluding: "525", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "9C654F1D-85AD-4838-AA0B-D1FAEAC6FF71", versionEndExcluding: "530.41.03", versionStartIncluding: "530", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "7906887A-3589-422F-BCC0-0547DEA150A6", versionEndExcluding: "450.236.01", versionStartIncluding: "450", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "2E2902D2-633E-4065-ABD5-A7A2CBD9965E", versionEndExcluding: "454.14", versionStartIncluding: "450", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "122A3080-A6A7-4F69-8A11-2247C56E3512", versionEndExcluding: "474.30", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "ABFB6AEB-975B-488F-B490-7535D1F04075", versionEndExcluding: "518.03", versionStartIncluding: "515", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "0C4C06DD-AF93-4497-8712-D8115842DE59", versionEndExcluding: "528.89", versionStartIncluding: "525", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "6D446FAB-5082-43E7-A4E0-D35B3E2E3BB2", versionEndExcluding: "531.41", versionStartIncluding: "530", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*", matchCriteriaId: "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "122A3080-A6A7-4F69-8A11-2247C56E3512", versionEndExcluding: "474.30", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", matchCriteriaId: "6D446FAB-5082-43E7-A4E0-D35B3E2E3BB2", versionEndExcluding: "531.41", versionStartIncluding: "530", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds write can lead to denial of service and data tampering.", }, ], id: "CVE-2023-0199", lastModified: "2024-11-21T07:36:44.103", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 4.2, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-22T03:15:08.970", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5452", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5452", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2024-11-21 07:24
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| citrix | hypervisor | - | |
| linux | linux_kernel | - | |
| redhat | enterprise_linux_kernel-based_virtual_machine | - | |
| vmware | vsphere | - | |
| nvidia | cloud_gaming | * | |
| citrix | hypervisor | - | |
| redhat | enterprise_linux_kernel-based_virtual_machine | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | nvs | - | |
| nvidia | quadro | - | |
| nvidia | rtx | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | tesla | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "85A2D2C0-6EF1-442E-987A-006E2652D955", versionEndExcluding: "11.11", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "0C9963BB-DC0D-4799-84C4-B3A36BCE125B", versionEndExcluding: "13.6", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "230B9F4E-DFDF-4492-BE31-E781D1D3A956", versionEndExcluding: "14.4", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B75400C8-5AFF-4ED9-AF91-024FE6D125E0", versionEndExcluding: "525.60.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "92F71F1A-E866-4C73-BA7E-CA72CDCCF295", versionEndExcluding: "450.216.04", versionStartIncluding: "450", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service.", }, { lang: "es", value: "NVIDIA vGPU software contiene una vulnerabilidad en Virtual GPU Manager (complemento vGPU), donde un índice de entrada no se valida, lo que puede provocar una saturación del búfer, lo que a su vez puede causar manipulación de datos, divulgación de información o Denegación de Servicio (DoS).", }, ], id: "CVE-2022-42261", lastModified: "2024-11-21T07:24:36.560", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-30T23:15:11.167", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-22 03:15
Modified
2024-11-21 07:36
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a NULL pointer dereference may lead to denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5452 | Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5452 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | nvs | - | |
| nvidia | quadro | - | |
| nvidia | rtx | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | tesla | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "9D77307A-16B0-4C98-A8AC-ECBFB2EC434C", versionEndExcluding: "470.182.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "2684008A-1AAD-445D-BBC1-7073FDD5442A", versionEndExcluding: "515.105.01", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "D6836303-BA7D-4E65-948B-2BC67CA635F5", versionEndExcluding: "525.105.17", versionStartIncluding: "525", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "9C654F1D-85AD-4838-AA0B-D1FAEAC6FF71", versionEndExcluding: "530.41.03", versionStartIncluding: "530", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "7906887A-3589-422F-BCC0-0547DEA150A6", versionEndExcluding: "450.236.01", versionStartIncluding: "450", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a NULL pointer dereference may lead to denial of service.", }, ], id: "CVE-2023-0190", lastModified: "2024-11-21T07:36:43.117", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-22T03:15:08.897", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5452", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5452", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-02-07 20:15
Modified
2024-11-21 06:45
Severity ?
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5312 | Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5312 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:*:*:*", matchCriteriaId: "C37AC285-221B-474F-8B3F-9DD7C586EB43", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "8BA79AC0-A0CC-4EE6-AEF5-9B8C8EA2C9F1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en el paquete de controladores del kernel, donde el manejo inapropiado de permisos o privilegios insuficientes puede permitir a un usuario local no privilegiado un acceso de escritura limitado a la memoria protegida, lo que puede conllevar a una denegación de servicio", }, ], id: "CVE-2022-21814", lastModified: "2024-11-21T06:45:29.227", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.6, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 4.2, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-02-07T20:15:07.830", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5312", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5312", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-280", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2024-11-21 07:09
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "3DEA3DEB-3A91-412A-B4EF-61B0B2BE527F", versionEndExcluding: "390.157", versionStartIncluding: "390", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "2780BAF8-20EC-4F42-A6EB-536255082FF6", versionEndExcluding: "525.60.11", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "92F71F1A-E866-4C73-BA7E-CA72CDCCF295", versionEndExcluding: "450.216.04", versionStartIncluding: "450", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "2780BAF8-20EC-4F42-A6EB-536255082FF6", versionEndExcluding: "525.60.11", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B75400C8-5AFF-4ED9-AF91-024FE6D125E0", versionEndExcluding: "525.60.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "85A2D2C0-6EF1-442E-987A-006E2652D955", versionEndExcluding: "11.11", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "0C9963BB-DC0D-4799-84C4-B3A36BCE125B", versionEndExcluding: "13.6", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "230B9F4E-DFDF-4492-BE31-E781D1D3A956", versionEndExcluding: "14.4", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B1145182-F629-44ED-B37B-D2DBE726210C", versionEndExcluding: "525.60.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en el controlador de capa del modo kernel, donde un usuario normal sin privilegios puede provocar que se trunque un número entero, lo que puede provocar Denegación de Servicio (DoS) o manipulación de datos.", }, ], id: "CVE-2022-34677", lastModified: "2024-11-21T07:09:57.910", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-30T23:15:09.983", references: [ { source: "psirt@nvidia.com", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-681", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-02-07 20:15
Modified
2024-11-21 06:45
Severity ?
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5312 | Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5312 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | cloud_gaming_guest | - | |
| nvidia | geforce | - | |
| nvidia | gpu_display_driver | - | |
| nvidia | nvs | - | |
| nvidia | quadro | - | |
| nvidia | rtx | - | |
| nvidia | tesla | - | |
| nvidia | virtual_gpu | - | |
| linux | linux_kernel | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming_guest:-:*:*:*:*:*:*:*", matchCriteriaId: "F3BF125D-2BDD-4DDB-B8A6-5D28E64157E5", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:*:*:*", matchCriteriaId: "C37AC285-221B-474F-8B3F-9DD7C586EB43", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:-:*:*:*:*:*:*:*", matchCriteriaId: "A3CCCEEC-CB0F-412F-9DE5-CD86E2AF6B2A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en el controlador del kernel, donde el manejo inapropiado de permisos o privilegios insuficientes puede permitir a un usuario local no privilegiado un acceso de escritura limitado a la memoria protegida, lo que puede conllevar una denegación de servicio", }, ], id: "CVE-2022-21813", lastModified: "2024-11-21T06:45:29.080", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.6, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 4.2, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-02-07T20:15:07.773", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5312", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5312", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2024-11-21 07:24
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA vGPU Display Driver for Linux guest contains a vulnerability in a D-Bus configuration file, where an unauthorized user in the guest VM can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "85A2D2C0-6EF1-442E-987A-006E2652D955", versionEndExcluding: "11.11", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "0C9963BB-DC0D-4799-84C4-B3A36BCE125B", versionEndExcluding: "13.6", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "230B9F4E-DFDF-4492-BE31-E781D1D3A956", versionEndExcluding: "14.4", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B1145182-F629-44ED-B37B-D2DBE726210C", versionEndExcluding: "525.60.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "92F71F1A-E866-4C73-BA7E-CA72CDCCF295", versionEndExcluding: "450.216.04", versionStartIncluding: "450", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B75400C8-5AFF-4ED9-AF91-024FE6D125E0", versionEndExcluding: "525.60.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA vGPU Display Driver for Linux guest contains a vulnerability in a D-Bus configuration file, where an unauthorized user in the guest VM can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.", }, { lang: "es", value: "NVIDIA vGPU Display Driver para los invitados de Linux contiene una vulnerabilidad en un archivo de configuración de D-Bus, donde un usuario no autorizado en la máquina virtual invitada puede afectar los endpoints protegidos de D-Bus, lo que puede provocar la ejecución de código, Denegación de Servicio (DoS), escalada de privilegios e información, divulgación o manipulación de datos.", }, ], id: "CVE-2022-42260", lastModified: "2024-11-21T07:24:36.410", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-30T23:15:11.097", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-281", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2024-11-21 07:09
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in the conversion, which may lead to denial of service or information disclosure.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "3DEA3DEB-3A91-412A-B4EF-61B0B2BE527F", versionEndExcluding: "390.157", versionStartIncluding: "390", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "2780BAF8-20EC-4F42-A6EB-536255082FF6", versionEndExcluding: "525.60.11", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "24DE5CC2-3787-4605-8EFA-77590E36E960", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", matchCriteriaId: "333646B0-AAD5-4DD7-8940-6334D0A8E77C", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", matchCriteriaId: "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", vulnerable: false, }, { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "92F71F1A-E866-4C73-BA7E-CA72CDCCF295", versionEndExcluding: "450.216.04", versionStartIncluding: "450", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5", versionEndExcluding: "470.161.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "1A381E4A-95A8-4002-9919-D8A23B41525A", versionEndExcluding: "510.108.03", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "20C17F30-34F3-4F5E-9F35-CBC6BBAAC958", versionEndExcluding: "515.86.01", versionStartIncluding: "515", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "2780BAF8-20EC-4F42-A6EB-536255082FF6", versionEndExcluding: "525.60.11", versionStartIncluding: "525", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "85A2D2C0-6EF1-442E-987A-006E2652D955", versionEndExcluding: "11.11", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "0C9963BB-DC0D-4799-84C4-B3A36BCE125B", versionEndExcluding: "13.6", versionStartIncluding: "12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", matchCriteriaId: "230B9F4E-DFDF-4492-BE31-E781D1D3A956", versionEndExcluding: "14.4", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, { criteria: "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B1145182-F629-44ED-B37B-D2DBE726210C", versionEndExcluding: "525.60.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", matchCriteriaId: "B75400C8-5AFF-4ED9-AF91-024FE6D125E0", versionEndExcluding: "525.60.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", matchCriteriaId: "F7AE5C32-E060-44BA-8C13-3D73204191EE", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", matchCriteriaId: "06C8B1C5-6401-45F9-8D3E-47E32067F428", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in the conversion, which may lead to denial of service or information disclosure.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en el controlador de capa del modo kernel, donde un usuario normal sin privilegios puede causar errores de truncamiento al convertir una primitiva a una primitiva de menor tamaño, provocando que se pierdan datos en la conversión, lo que puede llevar a la Denegación de Servicio (DoS) o divulgación de información.", }, ], id: "CVE-2022-34670", lastModified: "2024-11-21T07:09:56.897", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-30T23:15:09.337", references: [ { source: "psirt@nvidia.com", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5415", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-197", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-681", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-11-19 00:15
Modified
2024-11-21 07:04
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | rtx | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | tesla | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "C1777FEA-7B6B-4629-BFFD-E45492C96D18", versionEndExcluding: "390.154", versionStartIncluding: "390", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "677332FE-B818-48A9-82EE-474703AE1D81", versionEndExcluding: "470.141.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "C8E67FE7-2A7D-4FC0-A623-A981FD5776AB", versionEndExcluding: "510.85.02", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "8603E59F-1C4A-4A15-B28B-1665D5AE5B58", versionEndExcluding: "515.65.01", versionStartIncluding: "515", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce:-:*:*:*:*:*:*:*", matchCriteriaId: "6B30520A-D378-4CC8-812D-3B443740D6E3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "C1777FEA-7B6B-4629-BFFD-E45492C96D18", versionEndExcluding: "390.154", versionStartIncluding: "390", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "677332FE-B818-48A9-82EE-474703AE1D81", versionEndExcluding: "470.141.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "C8E67FE7-2A7D-4FC0-A623-A981FD5776AB", versionEndExcluding: "510.85.02", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "8603E59F-1C4A-4A15-B28B-1665D5AE5B58", versionEndExcluding: "515.65.01", versionStartIncluding: "515", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "6A5C4A60-A16B-4BDA-BFDF-482A254F237F", versionEndExcluding: "450.203.03", versionStartIncluding: "450", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "677332FE-B818-48A9-82EE-474703AE1D81", versionEndExcluding: "470.141.03", versionStartIncluding: "470", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "C8E67FE7-2A7D-4FC0-A623-A981FD5776AB", versionEndExcluding: "510.85.02", versionStartIncluding: "510", vulnerable: true, }, { criteria: "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", matchCriteriaId: "8603E59F-1C4A-4A15-B28B-1665D5AE5B58", versionEndExcluding: "515.65.01", versionStartIncluding: "515", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:tesla:-:*:*:*:*:*:*:*", matchCriteriaId: "75C6DE26-88F2-428E-B761-754BD027E015", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.", }, { lang: "es", value: "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en un archivo de configuración opcional de D-Bus, donde un usuario local con capacidades básicas puede afectar los endpoints protegidos de D-Bus, lo que puede llevar a la ejecución de código, Denegación de Servicio (DoS), escalada de privilegios y divulgación de información. y manipulación de datos.", }, ], id: "CVE-2022-31608", lastModified: "2024-11-21T07:04:50.440", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-11-19T00:15:24.927", references: [ { source: "psirt@nvidia.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5383", }, { source: "psirt@nvidia.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5383", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202310-02", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-281", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-281", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }