CVE-2022-42263
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 13:03
Severity ?
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an Integer overflow may lead to denial of service or information disclosure.
References
psirt@nvidia.comhttps://nvidia.custhelp.com/app/answers/detail/a_id/5415Vendor Advisory
psirt@nvidia.comhttps://security.gentoo.org/glsa/202310-02Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://nvidia.custhelp.com/app/answers/detail/a_id/5415Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/202310-02Third Party Advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:03:45.675Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5415"
          },
          {
            "name": "GLSA-202310-02",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202310-02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an Integer overflow may lead to denial of service or information disclosure."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-03T14:07:26.872007",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5415"
        },
        {
          "name": "GLSA-202310-02",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202310-02"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2022-42263",
    "datePublished": "2022-12-30T00:00:00",
    "dateReserved": "2022-10-03T00:00:00",
    "dateUpdated": "2024-08-03T13:03:45.675Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-42263\",\"sourceIdentifier\":\"psirt@nvidia.com\",\"published\":\"2022-12-30T23:15:11.360\",\"lastModified\":\"2024-11-21T07:24:36.843\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an Integer overflow may lead to denial of service or information disclosure.\"},{\"lang\":\"es\",\"value\":\"NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en el controlador de capa del modo kernel, donde un desbordamiento de enteros puede provocar Denegaci\u00f3n de Servicio (DoS) o divulgaci\u00f3n de informaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@nvidia.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"psirt@nvidia.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.11\",\"matchCriteriaId\":\"85A2D2C0-6EF1-442E-987A-006E2652D955\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0\",\"versionEndExcluding\":\"13.6\",\"matchCriteriaId\":\"0C9963BB-DC0D-4799-84C4-B3A36BCE125B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0\",\"versionEndExcluding\":\"14.4\",\"matchCriteriaId\":\"230B9F4E-DFDF-4492-BE31-E781D1D3A956\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7AE5C32-E060-44BA-8C13-3D73204191EE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06C8B1C5-6401-45F9-8D3E-47E32067F428\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E4A22C5-B3E1-4106-997C-D1C845F2C1EE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"525.60.11\",\"matchCriteriaId\":\"B1145182-F629-44ED-B37B-D2DBE726210C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"525.60.12\",\"matchCriteriaId\":\"B75400C8-5AFF-4ED9-AF91-024FE6D125E0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7AE5C32-E060-44BA-8C13-3D73204191EE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06C8B1C5-6401-45F9-8D3E-47E32067F428\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"470\",\"versionEndExcluding\":\"470.161.03\",\"matchCriteriaId\":\"1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"510\",\"versionEndExcluding\":\"510.108.03\",\"matchCriteriaId\":\"1A381E4A-95A8-4002-9919-D8A23B41525A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"515\",\"versionEndExcluding\":\"515.86.01\",\"matchCriteriaId\":\"20C17F30-34F3-4F5E-9F35-CBC6BBAAC958\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24DE5CC2-3787-4605-8EFA-77590E36E960\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"333646B0-AAD5-4DD7-8940-6334D0A8E77C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1DB9FB5-E115-4E96-98F8-3FAFAC120E98\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08C63EA1-8719-4F5C-922A-C77ED4CEF7C7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"450\",\"versionEndExcluding\":\"450.216.04\",\"matchCriteriaId\":\"92F71F1A-E866-4C73-BA7E-CA72CDCCF295\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"470\",\"versionEndExcluding\":\"470.161.03\",\"matchCriteriaId\":\"1ACD2E2B-EDDA-4D52-B7D2-3387A80359A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"510\",\"versionEndExcluding\":\"510.108.03\",\"matchCriteriaId\":\"1A381E4A-95A8-4002-9919-D8A23B41525A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D135086F-CA5E-4242-ACBA-C3AC82F4BE03\"}]}]}],\"references\":[{\"url\":\"https://nvidia.custhelp.com/app/answers/detail/a_id/5415\",\"source\":\"psirt@nvidia.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202310-02\",\"source\":\"psirt@nvidia.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://nvidia.custhelp.com/app/answers/detail/a_id/5415\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202310-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.