All the vulnerabilites related to nvidia - cloud_gaming_guest
Vulnerability from fkie_nvd
Published
2022-11-19 00:15
Modified
2024-11-21 07:04
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a failure to properly validate data might allow an attacker with basic user capabilities to cause an out-of-bounds access in kernel mode, which could lead to denial of service, information disclosure, escalation of privileges, or data tampering.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | 14.0 | |
| microsoft | windows | - | |
| nvidia | cloud_gaming_guest | * | |
| microsoft | windows | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | studio | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | studio | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | tesla | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "9E31C0C2-5C06-4E5E-9106-1ABE98D37C13",
"versionEndExcluding": "473.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B30520A-D378-4CC8-812D-3B443740D6E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45F338C5-245D-4D10-9B48-B56B7094F167",
"versionEndExcluding": "11.8",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98C8F13F-2F8F-4BAE-B971-582084B93D58",
"versionEndExcluding": "13.3",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CB2F728-3BFD-418D-AC29-A4165D1E7CA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:cloud_gaming_guest:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D619D0D6-04FF-4C1E-84BC-BF44C3328451",
"versionEndExcluding": "516.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "9E31C0C2-5C06-4E5E-9106-1ABE98D37C13",
"versionEndExcluding": "473.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "094B9003-EEC7-46DD-AEC2-F2BCB0F8DE88",
"versionEndExcluding": "513.46",
"versionStartIncluding": "511.09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "CE6F7210-C895-478D-8155-85335EFEAE4F",
"versionEndExcluding": "453.64",
"versionStartIncluding": "451.48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "D66D8563-40B2-4B35-BC8B-C2905C9D4FC8",
"versionEndExcluding": "472.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "094B9003-EEC7-46DD-AEC2-F2BCB0F8DE88",
"versionEndExcluding": "513.46",
"versionStartIncluding": "511.09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:tesla:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75C6DE26-88F2-428E-B761-754BD027E015",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a failure to properly validate data might allow an attacker with basic user capabilities to cause an out-of-bounds access in kernel mode, which could lead to denial of service, information disclosure, escalation of privileges, or data tampering."
},
{
"lang": "es",
"value": "NVIDIA GPU Display Driver para Windows contiene una vulnerabilidad en el controlador de la capa del modo kernel (nvlddmkm.sys) para DxgkDdiEscape, donde una falla al validar correctamente los datos podr\u00eda permitir que un atacante con capacidades de usuario b\u00e1sicas provoque un acceso fuera de los l\u00edmites en el modo kernel, lo que podr\u00eda dar lugar a Denegaci\u00f3n de Servicio (DoS), divulgaci\u00f3n de informaci\u00f3n, escalada de privilegios o manipulaci\u00f3n de datos."
}
],
"id": "CVE-2022-31606",
"lastModified": "2024-11-21T07:04:50.177",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-19T00:15:14.450",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-19 00:15
Modified
2024-11-21 07:04
Severity ?
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where any local user can cause a null-pointer dereference, which may lead to a kernel panic.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | 14.0 | |
| microsoft | windows | - | |
| nvidia | cloud_gaming_guest | * | |
| microsoft | windows | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | studio | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | studio | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | tesla | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "9E31C0C2-5C06-4E5E-9106-1ABE98D37C13",
"versionEndExcluding": "473.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B30520A-D378-4CC8-812D-3B443740D6E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45F338C5-245D-4D10-9B48-B56B7094F167",
"versionEndExcluding": "11.8",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98C8F13F-2F8F-4BAE-B971-582084B93D58",
"versionEndExcluding": "13.3",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CB2F728-3BFD-418D-AC29-A4165D1E7CA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:cloud_gaming_guest:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D619D0D6-04FF-4C1E-84BC-BF44C3328451",
"versionEndExcluding": "516.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "9E31C0C2-5C06-4E5E-9106-1ABE98D37C13",
"versionEndExcluding": "473.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "094B9003-EEC7-46DD-AEC2-F2BCB0F8DE88",
"versionEndExcluding": "513.46",
"versionStartIncluding": "511.09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "CE6F7210-C895-478D-8155-85335EFEAE4F",
"versionEndExcluding": "453.64",
"versionStartIncluding": "451.48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "D66D8563-40B2-4B35-BC8B-C2905C9D4FC8",
"versionEndExcluding": "472.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "094B9003-EEC7-46DD-AEC2-F2BCB0F8DE88",
"versionEndExcluding": "513.46",
"versionStartIncluding": "511.09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:tesla:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75C6DE26-88F2-428E-B761-754BD027E015",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where any local user can cause a null-pointer dereference, which may lead to a kernel panic."
},
{
"lang": "es",
"value": "NVIDIA GPU Display Driver para Windows contiene una vulnerabilidad en la capa del modo kernel, donde cualquier usuario local puede provocar una desreferencia de puntero nulo, lo que puede provocar un p\u00e1nico en el kernel."
}
],
"id": "CVE-2022-31613",
"lastModified": "2024-11-21T07:04:51.067",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 4.0,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-19T00:15:26.227",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-19 00:15
Modified
2024-11-21 07:04
Severity ?
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a local user with basic capabilities can cause an out-of-bounds read, which may lead to denial of service, or information disclosure.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | 14.0 | |
| microsoft | windows | - | |
| nvidia | cloud_gaming_guest | * | |
| microsoft | windows | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | studio | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | studio | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | tesla | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "9E31C0C2-5C06-4E5E-9106-1ABE98D37C13",
"versionEndExcluding": "473.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B30520A-D378-4CC8-812D-3B443740D6E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45F338C5-245D-4D10-9B48-B56B7094F167",
"versionEndExcluding": "11.8",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98C8F13F-2F8F-4BAE-B971-582084B93D58",
"versionEndExcluding": "13.3",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CB2F728-3BFD-418D-AC29-A4165D1E7CA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:cloud_gaming_guest:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D619D0D6-04FF-4C1E-84BC-BF44C3328451",
"versionEndExcluding": "516.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "9E31C0C2-5C06-4E5E-9106-1ABE98D37C13",
"versionEndExcluding": "473.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "094B9003-EEC7-46DD-AEC2-F2BCB0F8DE88",
"versionEndExcluding": "513.46",
"versionStartIncluding": "511.09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "CE6F7210-C895-478D-8155-85335EFEAE4F",
"versionEndExcluding": "453.64",
"versionStartIncluding": "451.48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "D66D8563-40B2-4B35-BC8B-C2905C9D4FC8",
"versionEndExcluding": "472.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "094B9003-EEC7-46DD-AEC2-F2BCB0F8DE88",
"versionEndExcluding": "513.46",
"versionStartIncluding": "511.09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:tesla:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75C6DE26-88F2-428E-B761-754BD027E015",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a local user with basic capabilities can cause an out-of-bounds read, which may lead to denial of service, or information disclosure."
},
{
"lang": "es",
"value": "NVIDIA GPU Display Driver para Windows contiene una vulnerabilidad en el controlador de la capa de modo kernel (nvlddmkm.sys) para DxgkDdiEscape, donde un usuario local con capacidades b\u00e1sicas puede provocar una lectura fuera de los l\u00edmites, lo que puede provocar Denegaci\u00f3n de Servicio (DoS) o divulgaci\u00f3n de informaci\u00f3n."
}
],
"id": "CVE-2022-31616",
"lastModified": "2024-11-21T07:04:51.487",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 4.2,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-19T00:15:26.893",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-19 00:15
Modified
2024-11-21 07:04
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "C1777FEA-7B6B-4629-BFFD-E45492C96D18",
"versionEndExcluding": "390.154",
"versionStartIncluding": "390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "677332FE-B818-48A9-82EE-474703AE1D81",
"versionEndExcluding": "470.141.03",
"versionStartIncluding": "470",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "C8E67FE7-2A7D-4FC0-A623-A981FD5776AB",
"versionEndExcluding": "510.85.02",
"versionStartIncluding": "510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "8603E59F-1C4A-4A15-B28B-1665D5AE5B58",
"versionEndExcluding": "515.65.01",
"versionStartIncluding": "515",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B30520A-D378-4CC8-812D-3B443740D6E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:cloud_gaming_guest:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF656F94-6425-44EC-BCDA-6E9F9BC7546B",
"versionEndExcluding": "515.65.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "C1777FEA-7B6B-4629-BFFD-E45492C96D18",
"versionEndExcluding": "390.154",
"versionStartIncluding": "390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "677332FE-B818-48A9-82EE-474703AE1D81",
"versionEndExcluding": "470.141.03",
"versionStartIncluding": "470",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "C8E67FE7-2A7D-4FC0-A623-A981FD5776AB",
"versionEndExcluding": "510.85.02",
"versionStartIncluding": "510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "8603E59F-1C4A-4A15-B28B-1665D5AE5B58",
"versionEndExcluding": "515.65.01",
"versionStartIncluding": "515",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "6A5C4A60-A16B-4BDA-BFDF-482A254F237F",
"versionEndExcluding": "450.203.03",
"versionStartIncluding": "450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "677332FE-B818-48A9-82EE-474703AE1D81",
"versionEndExcluding": "470.141.03",
"versionStartIncluding": "470",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "C8E67FE7-2A7D-4FC0-A623-A981FD5776AB",
"versionEndExcluding": "510.85.02",
"versionStartIncluding": "510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "8603E59F-1C4A-4A15-B28B-1665D5AE5B58",
"versionEndExcluding": "515.65.01",
"versionStartIncluding": "515",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:tesla:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75C6DE26-88F2-428E-B761-754BD027E015",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure."
},
{
"lang": "es",
"value": "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en la capa del modo kernel (nvidia.ko), donde un usuario local con capacidades b\u00e1sicas puede provocar una validaci\u00f3n de entrada incorrecta, lo que puede provocar Denegaci\u00f3n de Servicio (DoS), escalada de privilegios, manipulaci\u00f3n de datos y acceso limitado divulgaci\u00f3n de informaci\u00f3n."
}
],
"id": "CVE-2022-31607",
"lastModified": "2024-11-21T07:04:50.300",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-19T00:15:23.190",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
},
{
"source": "psirt@nvidia.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-02"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-07 20:15
Modified
2024-11-21 06:45
Severity ?
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5312 | Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5312 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | cloud_gaming_guest | - | |
| nvidia | geforce | - | |
| nvidia | gpu_display_driver | - | |
| nvidia | nvs | - | |
| nvidia | quadro | - | |
| nvidia | rtx | - | |
| nvidia | tesla | - | |
| nvidia | virtual_gpu | - | |
| linux | linux_kernel | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:cloud_gaming_guest:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3BF125D-2BDD-4DDB-B8A6-5D28E64157E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24DE5CC2-3787-4605-8EFA-77590E36E960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C37AC285-221B-474F-8B3F-9DD7C586EB43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "333646B0-AAD5-4DD7-8940-6334D0A8E77C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D135086F-CA5E-4242-ACBA-C3AC82F4BE03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3CCCEEC-CB0F-412F-9DE5-CD86E2AF6B2A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service."
},
{
"lang": "es",
"value": "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en el controlador del kernel, donde el manejo inapropiado de permisos o privilegios insuficientes puede permitir a un usuario local no privilegiado un acceso de escritura limitado a la memoria protegida, lo que puede conllevar una denegaci\u00f3n de servicio"
}
],
"id": "CVE-2022-21813",
"lastModified": "2024-11-21T06:45:29.080",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 4.2,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-07T20:15:07.773",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5312"
},
{
"source": "psirt@nvidia.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-02"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-07 20:15
Modified
2024-11-21 06:45
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:cloud_gaming_guest:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3BF125D-2BDD-4DDB-B8A6-5D28E64157E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24DE5CC2-3787-4605-8EFA-77590E36E960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C37AC285-221B-474F-8B3F-9DD7C586EB43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "333646B0-AAD5-4DD7-8940-6334D0A8E77C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D135086F-CA5E-4242-ACBA-C3AC82F4BE03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3CCCEEC-CB0F-412F-9DE5-CD86E2AF6B2A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash."
},
{
"lang": "es",
"value": "NVIDIA GPU Display Driver para Windows contiene una vulnerabilidad en el manejador de la capa del modo kernel (nvlddmkm.sys) para las IOCTL privadas en la que una desreferencia del puntero NULL en el kernel, creada dentro del c\u00f3digo del modo de usuario, puede conllevar a una denegaci\u00f3n de servicio en forma de bloqueo del sistema"
}
],
"id": "CVE-2022-21815",
"lastModified": "2024-11-21T06:45:29.350",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-07T20:15:07.887",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5312"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-19 00:15
Modified
2024-11-21 07:04
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a local user with basic capabilities can cause an out-of-bounds read, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | 14.0 | |
| microsoft | windows | - | |
| nvidia | cloud_gaming_guest | * | |
| microsoft | windows | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | studio | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | studio | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | tesla | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "9E31C0C2-5C06-4E5E-9106-1ABE98D37C13",
"versionEndExcluding": "473.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B30520A-D378-4CC8-812D-3B443740D6E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45F338C5-245D-4D10-9B48-B56B7094F167",
"versionEndExcluding": "11.8",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98C8F13F-2F8F-4BAE-B971-582084B93D58",
"versionEndExcluding": "13.3",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CB2F728-3BFD-418D-AC29-A4165D1E7CA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:cloud_gaming_guest:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D619D0D6-04FF-4C1E-84BC-BF44C3328451",
"versionEndExcluding": "516.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "9E31C0C2-5C06-4E5E-9106-1ABE98D37C13",
"versionEndExcluding": "473.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "094B9003-EEC7-46DD-AEC2-F2BCB0F8DE88",
"versionEndExcluding": "513.46",
"versionStartIncluding": "511.09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "CE6F7210-C895-478D-8155-85335EFEAE4F",
"versionEndExcluding": "453.64",
"versionStartIncluding": "451.48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "D66D8563-40B2-4B35-BC8B-C2905C9D4FC8",
"versionEndExcluding": "472.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "094B9003-EEC7-46DD-AEC2-F2BCB0F8DE88",
"versionEndExcluding": "513.46",
"versionStartIncluding": "511.09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:tesla:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75C6DE26-88F2-428E-B761-754BD027E015",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a local user with basic capabilities can cause an out-of-bounds read, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering."
},
{
"lang": "es",
"value": "NVIDIA GPU Display Driver para Windows contiene una vulnerabilidad en la capa del modo kernel (nvlddmkm.sys), donde un usuario local con capacidades b\u00e1sicas puede provocar una lectura fuera de los l\u00edmites, lo que puede provocar la ejecuci\u00f3n de c\u00f3digo, Denegaci\u00f3n de Servicio (DoS) y escalada de privilegios, divulgaci\u00f3n de informaci\u00f3n o manipulaci\u00f3n de datos."
}
],
"id": "CVE-2022-31617",
"lastModified": "2024-11-21T07:04:51.623",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-19T00:15:27.273",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-19 00:15
Modified
2024-11-21 07:04
Severity ?
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a local user with basic capabilities can cause an out-of-bounds read, which may lead to a system crash or a leak of internal kernel information.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | 14.0 | |
| microsoft | windows | - | |
| nvidia | cloud_gaming_guest | * | |
| microsoft | windows | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | studio | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | studio | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | tesla | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "9E31C0C2-5C06-4E5E-9106-1ABE98D37C13",
"versionEndExcluding": "473.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B30520A-D378-4CC8-812D-3B443740D6E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45F338C5-245D-4D10-9B48-B56B7094F167",
"versionEndExcluding": "11.8",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98C8F13F-2F8F-4BAE-B971-582084B93D58",
"versionEndExcluding": "13.3",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CB2F728-3BFD-418D-AC29-A4165D1E7CA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:cloud_gaming_guest:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D619D0D6-04FF-4C1E-84BC-BF44C3328451",
"versionEndExcluding": "516.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "9E31C0C2-5C06-4E5E-9106-1ABE98D37C13",
"versionEndExcluding": "473.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "094B9003-EEC7-46DD-AEC2-F2BCB0F8DE88",
"versionEndExcluding": "513.46",
"versionStartIncluding": "511.09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "CE6F7210-C895-478D-8155-85335EFEAE4F",
"versionEndExcluding": "453.64",
"versionStartIncluding": "451.48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "D66D8563-40B2-4B35-BC8B-C2905C9D4FC8",
"versionEndExcluding": "472.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "094B9003-EEC7-46DD-AEC2-F2BCB0F8DE88",
"versionEndExcluding": "513.46",
"versionStartIncluding": "511.09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:tesla:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75C6DE26-88F2-428E-B761-754BD027E015",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a local user with basic capabilities can cause an out-of-bounds read, which may lead to a system crash or a leak of internal kernel information."
},
{
"lang": "es",
"value": "NVIDIA GPU Display Driver para Windows contiene una vulnerabilidad en el controlador de la capa de modo kernel (nvlddmkm.sys) para DxgkDdiEscape, donde un usuario local con capacidades b\u00e1sicas puede provocar una lectura fuera de los l\u00edmites, lo que puede provocar un fallo del sistema o una fuga de informaci\u00f3n interna del n\u00facleo."
}
],
"id": "CVE-2022-31612",
"lastModified": "2024-11-21T07:04:50.933",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-19T00:15:25.877",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-19 00:15
Modified
2024-11-21 07:04
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a local user with basic capabilities can cause an out-of-bounds write, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | 14.0 | |
| microsoft | windows | - | |
| nvidia | cloud_gaming_guest | * | |
| microsoft | windows | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | studio | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | studio | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | tesla | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "9E31C0C2-5C06-4E5E-9106-1ABE98D37C13",
"versionEndExcluding": "473.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B30520A-D378-4CC8-812D-3B443740D6E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45F338C5-245D-4D10-9B48-B56B7094F167",
"versionEndExcluding": "11.8",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98C8F13F-2F8F-4BAE-B971-582084B93D58",
"versionEndExcluding": "13.3",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CB2F728-3BFD-418D-AC29-A4165D1E7CA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:cloud_gaming_guest:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D619D0D6-04FF-4C1E-84BC-BF44C3328451",
"versionEndExcluding": "516.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "9E31C0C2-5C06-4E5E-9106-1ABE98D37C13",
"versionEndExcluding": "473.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "094B9003-EEC7-46DD-AEC2-F2BCB0F8DE88",
"versionEndExcluding": "513.46",
"versionStartIncluding": "511.09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "CE6F7210-C895-478D-8155-85335EFEAE4F",
"versionEndExcluding": "453.64",
"versionStartIncluding": "451.48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "D66D8563-40B2-4B35-BC8B-C2905C9D4FC8",
"versionEndExcluding": "472.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "094B9003-EEC7-46DD-AEC2-F2BCB0F8DE88",
"versionEndExcluding": "513.46",
"versionStartIncluding": "511.09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:tesla:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75C6DE26-88F2-428E-B761-754BD027E015",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a local user with basic capabilities can cause an out-of-bounds write, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering."
},
{
"lang": "es",
"value": "NVIDIA GPU Display Driver para Windows contiene una vulnerabilidad en la capa del modo kernel (nvlddmkm.sys), donde un usuario local con capacidades b\u00e1sicas puede provocar una escritura fuera de los l\u00edmites, lo que puede provocar la ejecuci\u00f3n de c\u00f3digo, Denegaci\u00f3n de Servicio (DoS) y escalada de privilegios, divulgaci\u00f3n de informaci\u00f3n o manipulaci\u00f3n de datos."
}
],
"id": "CVE-2022-31610",
"lastModified": "2024-11-21T07:04:50.687",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-19T00:15:25.477",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-19 00:15
Modified
2024-11-21 07:09
Severity ?
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Summary
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory | |
| psirt@nvidia.com | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | geforce | - | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | * | |
| nvidia | virtual_gpu | 14.0 | |
| linux | linux_kernel | - | |
| microsoft | windows | - | |
| nvidia | cloud_gaming_guest | * | |
| microsoft | windows | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | studio | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | studio | - | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | gpu_display_driver | * | |
| nvidia | tesla | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "9E31C0C2-5C06-4E5E-9106-1ABE98D37C13",
"versionEndExcluding": "473.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:geforce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B30520A-D378-4CC8-812D-3B443740D6E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45F338C5-245D-4D10-9B48-B56B7094F167",
"versionEndExcluding": "11.8",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98C8F13F-2F8F-4BAE-B971-582084B93D58",
"versionEndExcluding": "13.3",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CB2F728-3BFD-418D-AC29-A4165D1E7CA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:cloud_gaming_guest:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D619D0D6-04FF-4C1E-84BC-BF44C3328451",
"versionEndExcluding": "516.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "9E31C0C2-5C06-4E5E-9106-1ABE98D37C13",
"versionEndExcluding": "473.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "094B9003-EEC7-46DD-AEC2-F2BCB0F8DE88",
"versionEndExcluding": "513.46",
"versionStartIncluding": "511.09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "CE6F7210-C895-478D-8155-85335EFEAE4F",
"versionEndExcluding": "453.64",
"versionStartIncluding": "451.48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "D66D8563-40B2-4B35-BC8B-C2905C9D4FC8",
"versionEndExcluding": "472.81",
"versionStartIncluding": "471.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "094B9003-EEC7-46DD-AEC2-F2BCB0F8DE88",
"versionEndExcluding": "513.46",
"versionStartIncluding": "511.09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "337FAC23-CA17-4B2C-AFC0-F3FD8493FACD",
"versionEndExcluding": "516.94",
"versionStartIncluding": "516.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:tesla:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75C6DE26-88F2-428E-B761-754BD027E015",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service."
},
{
"lang": "es",
"value": "NVIDIA GPU Display Driver para Windows y Linux contiene una vulnerabilidad en la capa del modo kernel, donde un usuario local con capacidades b\u00e1sicas puede provocar una desreferencia del puntero nulo, lo que puede provocar una Denegaci\u00f3n de Servicio (DoS)."
}
],
"id": "CVE-2022-34665",
"lastModified": "2024-11-21T07:09:56.200",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 4.0,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-19T00:15:27.557",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
},
{
"source": "psirt@nvidia.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-02"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2022-21815
Vulnerability from cvelistv5
Published
2022-02-07 20:00
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5312 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA GPU Display Driver |
Version: All GPU Driver versions for Windows |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5312"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA GPU Display Driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All GPU Driver versions for Windows"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-09T19:35:14",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5312"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2022-21815",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA GPU Display Driver",
"version": {
"version_data": [
{
"version_value": "All GPU Driver versions for Windows"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash."
}
]
},
"impact": {
"cvss": {
"baseScore": 5.5,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476: NULL Pointer Dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5312",
"refsource": "MISC",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5312"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2022-21815",
"datePublished": "2022-02-07T20:00:17",
"dateReserved": "2021-12-10T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-31616
Vulnerability from cvelistv5
Published
2022-11-18 00:00
Modified
2024-08-03 07:26
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a local user with basic capabilities can cause an out-of-bounds read, which may lead to denial of service, or information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Cloud Gaming (guest driver) |
Version: All versions prior to the August 2022 release |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:00.838Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Cloud Gaming (guest driver)",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to the August 2022 release"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a local user with basic capabilities can cause an out-of-bounds read, which may lead to denial of service, or information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-18T00:00:00",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2022-31616",
"datePublished": "2022-11-18T00:00:00",
"dateReserved": "2022-05-24T00:00:00",
"dateUpdated": "2024-08-03T07:26:00.838Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-31613
Vulnerability from cvelistv5
Published
2022-11-18 00:00
Modified
2024-08-03 07:26
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where any local user can cause a null-pointer dereference, which may lead to a kernel panic.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Cloud Gaming (guest driver) |
Version: All versions prior to the August 2022 release |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.011Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Cloud Gaming (guest driver)",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to the August 2022 release"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where any local user can cause a null-pointer dereference, which may lead to a kernel panic."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-18T00:00:00",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2022-31613",
"datePublished": "2022-11-18T00:00:00",
"dateReserved": "2022-05-24T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-31610
Vulnerability from cvelistv5
Published
2022-11-18 00:00
Modified
2024-08-03 07:26
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a local user with basic capabilities can cause an out-of-bounds write, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Cloud Gaming (guest driver) |
Version: All versions prior to the August 2022 release |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:00.721Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Cloud Gaming (guest driver)",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to the August 2022 release"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a local user with basic capabilities can cause an out-of-bounds write, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-18T00:00:00",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2022-31610",
"datePublished": "2022-11-18T00:00:00",
"dateReserved": "2022-05-24T00:00:00",
"dateUpdated": "2024-08-03T07:26:00.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-21813
Vulnerability from cvelistv5
Published
2022-02-07 00:00
Modified
2024-08-03 02:53
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5312 | ||
| https://security.gentoo.org/glsa/202310-02 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA GPU Display Driver |
Version: All GPU Driver versions for Linux |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:53:36.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5312"
},
{
"name": "GLSA-202310-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA GPU Display Driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All GPU Driver versions for Linux"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-03T14:06:43.478146",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5312"
},
{
"name": "GLSA-202310-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-02"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2022-21813",
"datePublished": "2022-02-07T00:00:00",
"dateReserved": "2021-12-10T00:00:00",
"dateUpdated": "2024-08-03T02:53:36.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34665
Vulnerability from cvelistv5
Published
2022-11-18 00:00
Modified
2024-08-03 09:15
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | ||
| https://security.gentoo.org/glsa/202310-02 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager) |
Version: All versions prior to the August 2022 release |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:15:15.715Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
},
{
"name": "GLSA-202310-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to the August 2022 release"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-03T14:06:32.855490",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
},
{
"name": "GLSA-202310-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-02"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2022-34665",
"datePublished": "2022-11-18T00:00:00",
"dateReserved": "2022-06-27T00:00:00",
"dateUpdated": "2024-08-03T09:15:15.715Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-31606
Vulnerability from cvelistv5
Published
2022-11-18 00:00
Modified
2024-08-03 07:26
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a failure to properly validate data might allow an attacker with basic user capabilities to cause an out-of-bounds access in kernel mode, which could lead to denial of service, information disclosure, escalation of privileges, or data tampering.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Cloud Gaming (guest driver) |
Version: All versions prior to the August 2022 release |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:00.408Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Cloud Gaming (guest driver)",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to the August 2022 release"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a failure to properly validate data might allow an attacker with basic user capabilities to cause an out-of-bounds access in kernel mode, which could lead to denial of service, information disclosure, escalation of privileges, or data tampering."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-18T00:00:00",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2022-31606",
"datePublished": "2022-11-18T00:00:00",
"dateReserved": "2022-05-24T00:00:00",
"dateUpdated": "2024-08-03T07:26:00.408Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-31612
Vulnerability from cvelistv5
Published
2022-11-18 00:00
Modified
2024-08-03 07:26
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a local user with basic capabilities can cause an out-of-bounds read, which may lead to a system crash or a leak of internal kernel information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Cloud Gaming (guest driver) |
Version: All versions prior to the August 2022 release |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.182Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Cloud Gaming (guest driver)",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to the August 2022 release"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a local user with basic capabilities can cause an out-of-bounds read, which may lead to a system crash or a leak of internal kernel information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-18T00:00:00",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2022-31612",
"datePublished": "2022-11-18T00:00:00",
"dateReserved": "2022-05-24T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.182Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-31617
Vulnerability from cvelistv5
Published
2022-11-18 00:00
Modified
2024-08-03 07:26
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a local user with basic capabilities can cause an out-of-bounds read, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Cloud Gaming (guest driver) |
Version: All versions prior to the August 2022 release |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:00.806Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Cloud Gaming (guest driver)",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to the August 2022 release"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a local user with basic capabilities can cause an out-of-bounds read, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-18T00:00:00",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2022-31617",
"datePublished": "2022-11-18T00:00:00",
"dateReserved": "2022-05-24T00:00:00",
"dateUpdated": "2024-08-03T07:26:00.806Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-31607
Vulnerability from cvelistv5
Published
2022-11-18 00:00
Modified
2024-08-03 07:26
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | ||
| https://security.gentoo.org/glsa/202310-02 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager) |
Version: All versions prior to the August 2022 release |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:00.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
},
{
"name": "GLSA-202310-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to the August 2022 release"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-03T14:06:17.608507",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
},
{
"name": "GLSA-202310-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-02"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2022-31607",
"datePublished": "2022-11-18T00:00:00",
"dateReserved": "2022-05-24T00:00:00",
"dateUpdated": "2024-08-03T07:26:00.703Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}