Vulnerability-Lookup

CVE-2022-31608 (GCVE-0-2022-31608)

Vulnerability from cvelistv5 – Published: 2022-11-18 00:00 – Updated: 2025-04-29 13:36

Summary

NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

Severity

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-281 - Improper Preservation of Permissions

Assigner

nvidia

References

2 references

URL	Tags
https://nvidia.custhelp.com/app/answers/detail/a_…
https://security.gentoo.org/glsa/202310-02	vendor-advisory

Impacted products

1 product

Vendor	Product	Version
NVIDIA	GeForce, Workstation, Compute	Affected: All versions prior to the August 2022 release

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:26:00.902Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
          },
          {
            "name": "GLSA-202310-02",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202310-02"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-31608",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-29T13:36:05.444204Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-29T13:36:30.099Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "GeForce, Workstation, Compute",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All versions prior to the August 2022 release"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-281",
              "description": "CWE-281 Improper Preservation of Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-03T14:06:26.816Z",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
        },
        {
          "name": "GLSA-202310-02",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202310-02"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2022-31608",
    "datePublished": "2022-11-18T00:00:00.000Z",
    "dateReserved": "2022-05-24T00:00:00.000Z",
    "dateUpdated": "2025-04-29T13:36:30.099Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2022-31608",
      "date": "2026-05-27",
      "epss": "0.00148",
      "percentile": "0.34867"
    },
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\", \"versionStartIncluding\": \"390\", \"versionEndExcluding\": \"390.154\", \"matchCriteriaId\": \"C1777FEA-7B6B-4629-BFFD-E45492C96D18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\", \"versionStartIncluding\": \"470\", \"versionEndExcluding\": \"470.141.03\", \"matchCriteriaId\": \"677332FE-B818-48A9-82EE-474703AE1D81\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\", \"versionStartIncluding\": \"510\", \"versionEndExcluding\": \"510.85.02\", \"matchCriteriaId\": \"C8E67FE7-2A7D-4FC0-A623-A981FD5776AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\", \"versionStartIncluding\": \"515\", \"versionEndExcluding\": \"515.65.01\", \"matchCriteriaId\": \"8603E59F-1C4A-4A15-B28B-1665D5AE5B58\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:geforce:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B30520A-D378-4CC8-812D-3B443740D6E3\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\", \"versionStartIncluding\": \"390\", \"versionEndExcluding\": \"390.154\", \"matchCriteriaId\": \"C1777FEA-7B6B-4629-BFFD-E45492C96D18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\", \"versionStartIncluding\": \"470\", \"versionEndExcluding\": \"470.141.03\", \"matchCriteriaId\": \"677332FE-B818-48A9-82EE-474703AE1D81\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\", \"versionStartIncluding\": \"510\", \"versionEndExcluding\": \"510.85.02\", \"matchCriteriaId\": \"C8E67FE7-2A7D-4FC0-A623-A981FD5776AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\", \"versionStartIncluding\": \"515\", \"versionEndExcluding\": \"515.65.01\", \"matchCriteriaId\": \"8603E59F-1C4A-4A15-B28B-1665D5AE5B58\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"08C63EA1-8719-4F5C-922A-C77ED4CEF7C7\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\", \"versionStartIncluding\": \"450\", \"versionEndExcluding\": \"450.203.03\", \"matchCriteriaId\": \"6A5C4A60-A16B-4BDA-BFDF-482A254F237F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\", \"versionStartIncluding\": \"470\", \"versionEndExcluding\": \"470.141.03\", \"matchCriteriaId\": \"677332FE-B818-48A9-82EE-474703AE1D81\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\", \"versionStartIncluding\": \"510\", \"versionEndExcluding\": \"510.85.02\", \"matchCriteriaId\": \"C8E67FE7-2A7D-4FC0-A623-A981FD5776AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\", \"versionStartIncluding\": \"515\", \"versionEndExcluding\": \"515.65.01\", \"matchCriteriaId\": \"8603E59F-1C4A-4A15-B28B-1665D5AE5B58\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:tesla:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75C6DE26-88F2-428E-B761-754BD027E015\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.\"}, {\"lang\": \"es\", \"value\": \"NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en un archivo de configuraci\\u00f3n opcional de D-Bus, donde un usuario local con capacidades b\\u00e1sicas puede afectar los endpoints protegidos de D-Bus, lo que puede llevar a la ejecuci\\u00f3n de c\\u00f3digo, Denegaci\\u00f3n de Servicio (DoS), escalada de privilegios y divulgaci\\u00f3n de informaci\\u00f3n. y manipulaci\\u00f3n de datos.\"}]",
      "id": "CVE-2022-31608",
      "lastModified": "2024-11-21T07:04:50.440",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"psirt@nvidia.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}",
      "published": "2022-11-19T00:15:24.927",
      "references": "[{\"url\": \"https://nvidia.custhelp.com/app/answers/detail/a_id/5383\", \"source\": \"psirt@nvidia.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202310-02\", \"source\": \"psirt@nvidia.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://nvidia.custhelp.com/app/answers/detail/a_id/5383\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202310-02\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "psirt@nvidia.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"psirt@nvidia.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-281\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-281\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-31608\",\"sourceIdentifier\":\"psirt@nvidia.com\",\"published\":\"2022-11-19T00:15:24.927\",\"lastModified\":\"2024-11-21T07:04:50.440\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.\"},{\"lang\":\"es\",\"value\":\"NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en un archivo de configuraci\u00f3n opcional de D-Bus, donde un usuario local con capacidades b\u00e1sicas puede afectar los endpoints protegidos de D-Bus, lo que puede llevar a la ejecuci\u00f3n de c\u00f3digo, Denegaci\u00f3n de Servicio (DoS), escalada de privilegios y divulgaci\u00f3n de informaci\u00f3n. y manipulaci\u00f3n de datos.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@nvidia.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@nvidia.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-281\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-281\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"390\",\"versionEndExcluding\":\"390.154\",\"matchCriteriaId\":\"C1777FEA-7B6B-4629-BFFD-E45492C96D18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"470\",\"versionEndExcluding\":\"470.141.03\",\"matchCriteriaId\":\"677332FE-B818-48A9-82EE-474703AE1D81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"510\",\"versionEndExcluding\":\"510.85.02\",\"matchCriteriaId\":\"C8E67FE7-2A7D-4FC0-A623-A981FD5776AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"515\",\"versionEndExcluding\":\"515.65.01\",\"matchCriteriaId\":\"8603E59F-1C4A-4A15-B28B-1665D5AE5B58\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:geforce:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B30520A-D378-4CC8-812D-3B443740D6E3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"390\",\"versionEndExcluding\":\"390.154\",\"matchCriteriaId\":\"C1777FEA-7B6B-4629-BFFD-E45492C96D18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"470\",\"versionEndExcluding\":\"470.141.03\",\"matchCriteriaId\":\"677332FE-B818-48A9-82EE-474703AE1D81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"510\",\"versionEndExcluding\":\"510.85.02\",\"matchCriteriaId\":\"C8E67FE7-2A7D-4FC0-A623-A981FD5776AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"515\",\"versionEndExcluding\":\"515.65.01\",\"matchCriteriaId\":\"8603E59F-1C4A-4A15-B28B-1665D5AE5B58\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08C63EA1-8719-4F5C-922A-C77ED4CEF7C7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"450\",\"versionEndExcluding\":\"450.203.03\",\"matchCriteriaId\":\"6A5C4A60-A16B-4BDA-BFDF-482A254F237F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"470\",\"versionEndExcluding\":\"470.141.03\",\"matchCriteriaId\":\"677332FE-B818-48A9-82EE-474703AE1D81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"510\",\"versionEndExcluding\":\"510.85.02\",\"matchCriteriaId\":\"C8E67FE7-2A7D-4FC0-A623-A981FD5776AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*\",\"versionStartIncluding\":\"515\",\"versionEndExcluding\":\"515.65.01\",\"matchCriteriaId\":\"8603E59F-1C4A-4A15-B28B-1665D5AE5B58\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:tesla:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75C6DE26-88F2-428E-B761-754BD027E015\"}]}]}],\"references\":[{\"url\":\"https://nvidia.custhelp.com/app/answers/detail/a_id/5383\",\"source\":\"psirt@nvidia.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202310-02\",\"source\":\"psirt@nvidia.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://nvidia.custhelp.com/app/answers/detail/a_id/5383\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202310-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://nvidia.custhelp.com/app/answers/detail/a_id/5383\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202310-02\", \"name\": \"GLSA-202310-02\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T07:26:00.902Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-31608\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-29T13:36:05.444204Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-29T13:36:16.154Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"NVIDIA\", \"product\": \"GeForce, Workstation, Compute\", \"versions\": [{\"status\": \"affected\", \"version\": \"All versions prior to the August 2022 release\"}]}], \"references\": [{\"url\": \"https://nvidia.custhelp.com/app/answers/detail/a_id/5383\"}, {\"url\": \"https://security.gentoo.org/glsa/202310-02\", \"name\": \"GLSA-202310-02\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-281\", \"description\": \"CWE-281 Improper Preservation of Permissions\"}]}], \"providerMetadata\": {\"orgId\": \"9576f279-3576-44b5-a4af-b9a8644b2de6\", \"shortName\": \"nvidia\", \"dateUpdated\": \"2023-10-03T14:06:26.816Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-31608\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-29T13:36:30.099Z\", \"dateReserved\": \"2022-05-24T00:00:00.000Z\", \"assignerOrgId\": \"9576f279-3576-44b5-a4af-b9a8644b2de6\", \"datePublished\": \"2022-11-18T00:00:00.000Z\", \"assignerShortName\": \"nvidia\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

BDU:2022-04821

Vulnerability from fstec - Published: 04.08.2022

Title

Уязвимость конфигурационного файла D-Bus графического драйвера NVIDIA GPU Display Driver, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

Description

Уязвимость конфигурационного файла D-Bus графического драйвера NVIDIA GPU Display Driver связана с небезопасным управлением привилегиями. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании или выполнить произвольный код

Severity


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vendor

NVIDIA Corp.

Software Name

Studio R515, GeForce R515, NVIDIA RTX/Quadro R515, NVS R515, Tesla R515, NVS R510, GeForce R510, NVIDIA RTX/Quadro R510, Tesla R510, GeForce R470, NVIDIA RTX/Quadro R470, Tesla R470, Tesla R450, GeForce R390, NVIDIA RTX/Quadro R390, NVS R390

Software Version

- (Studio R515), - (GeForce R515), до 516.94 (NVIDIA RTX/Quadro R515), до 516.94 (NVS R515), до 516.94 (Tesla R515), до 515.65.01 (GeForce R515), до 515.65.01 (NVIDIA RTX/Quadro R515), до 515.65.01 (NVS R515), до 515.65.01 (Tesla R515), до 510.85.02 (NVS R510), до 510.85.02 (GeForce R510), до 513.46 (NVIDIA RTX/Quadro R510), до 510.85.02 (NVIDIA RTX/Quadro R510), до 513.46 (NVS R510), до 513.46 (Tesla R510), до 510.85.02 (Tesla R510), до 473.81 (GeForce R470), до 470.141.03 (GeForce R470), до 473.81 (NVIDIA RTX/Quadro R470), до 470.141.03 (NVIDIA RTX/Quadro R470), до 473.81 (Tesla R470), до 470.141.03 (Tesla R470), до 453.64 (Tesla R450), до 450.203.03 (Tesla R450), до 390.154 (GeForce R390), до 390.154 (NVIDIA RTX/Quadro R390), до 390.154 (NVS R390)

Possible Mitigations

Использование рекомендаций: https://nvidia.custhelp.com/app/answers/detail/a_id/5383

Reference

https://nvidia.custhelp.com/app/answers/detail/a_id/5383

CWE

CWE-269

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "NVIDIA Corp.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "- (Studio R515), - (GeForce R515), \u0434\u043e 516.94 (NVIDIA RTX/Quadro R515), \u0434\u043e 516.94 (NVS R515), \u0434\u043e 516.94 (Tesla R515), \u0434\u043e 515.65.01 (GeForce R515), \u0434\u043e 515.65.01 (NVIDIA RTX/Quadro R515), \u0434\u043e 515.65.01 (NVS R515), \u0434\u043e 515.65.01 (Tesla R515), \u0434\u043e 510.85.02 (NVS R510), \u0434\u043e 510.85.02 (GeForce R510), \u0434\u043e 513.46 (NVIDIA RTX/Quadro R510), \u0434\u043e 510.85.02 (NVIDIA RTX/Quadro R510), \u0434\u043e 513.46 (NVS R510), \u0434\u043e 513.46 (Tesla R510), \u0434\u043e 510.85.02 (Tesla R510), \u0434\u043e 473.81 (GeForce R470), \u0434\u043e 470.141.03 (GeForce R470), \u0434\u043e 473.81 (NVIDIA RTX/Quadro R470), \u0434\u043e 470.141.03 (NVIDIA RTX/Quadro R470), \u0434\u043e 473.81 (Tesla R470), \u0434\u043e 470.141.03 (Tesla R470), \u0434\u043e 453.64 (Tesla R450), \u0434\u043e 450.203.03 (Tesla R450), \u0434\u043e 390.154 (GeForce R390), \u0434\u043e 390.154 (NVIDIA RTX/Quadro R390), \u0434\u043e 390.154 (NVS R390)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://nvidia.custhelp.com/app/answers/detail/a_id/5383",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "04.08.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "08.08.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "08.08.2022",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-04821",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-31608",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Studio R515, GeForce R515, NVIDIA RTX/Quadro R515, NVS R515, Tesla R515, NVS R510, GeForce R510, NVIDIA RTX/Quadro R510, Tesla R510, GeForce R470, NVIDIA RTX/Quadro R470, Tesla R470, Tesla R450, GeForce R390, NVIDIA RTX/Quadro R390, NVS R390",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 D-Bus \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 NVIDIA GPU Display Driver, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 (CWE-269)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 D-Bus \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 NVIDIA GPU Display Driver \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u043c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-269",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)"
}

FKIE_CVE-2022-31608

Vulnerability from fkie_nvd - Published: 2022-11-19 00:15 - Updated: 2024-11-21 07:04

Severity

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
psirt@nvidia.com	https://nvidia.custhelp.com/app/answers/detail/a_id/5383	Patch, Vendor Advisory
psirt@nvidia.com	https://security.gentoo.org/glsa/202310-02	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://nvidia.custhelp.com/app/answers/detail/a_id/5383	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/202310-02	Third Party Advisory

Impacted products

Vendor	Product	Version
nvidia	gpu_display_driver	*
nvidia	gpu_display_driver	*
nvidia	gpu_display_driver	*
nvidia	gpu_display_driver	*
nvidia	geforce	-
nvidia	gpu_display_driver	*
nvidia	gpu_display_driver	*
nvidia	gpu_display_driver	*
nvidia	gpu_display_driver	*
nvidia	rtx	-
nvidia	gpu_display_driver	*
nvidia	gpu_display_driver	*
nvidia	gpu_display_driver	*
nvidia	gpu_display_driver	*
nvidia	tesla	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
              "matchCriteriaId": "C1777FEA-7B6B-4629-BFFD-E45492C96D18",
              "versionEndExcluding": "390.154",
              "versionStartIncluding": "390",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
              "matchCriteriaId": "677332FE-B818-48A9-82EE-474703AE1D81",
              "versionEndExcluding": "470.141.03",
              "versionStartIncluding": "470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
              "matchCriteriaId": "C8E67FE7-2A7D-4FC0-A623-A981FD5776AB",
              "versionEndExcluding": "510.85.02",
              "versionStartIncluding": "510",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
              "matchCriteriaId": "8603E59F-1C4A-4A15-B28B-1665D5AE5B58",
              "versionEndExcluding": "515.65.01",
              "versionStartIncluding": "515",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:nvidia:geforce:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B30520A-D378-4CC8-812D-3B443740D6E3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
              "matchCriteriaId": "C1777FEA-7B6B-4629-BFFD-E45492C96D18",
              "versionEndExcluding": "390.154",
              "versionStartIncluding": "390",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
              "matchCriteriaId": "677332FE-B818-48A9-82EE-474703AE1D81",
              "versionEndExcluding": "470.141.03",
              "versionStartIncluding": "470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
              "matchCriteriaId": "C8E67FE7-2A7D-4FC0-A623-A981FD5776AB",
              "versionEndExcluding": "510.85.02",
              "versionStartIncluding": "510",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
              "matchCriteriaId": "8603E59F-1C4A-4A15-B28B-1665D5AE5B58",
              "versionEndExcluding": "515.65.01",
              "versionStartIncluding": "515",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
              "matchCriteriaId": "6A5C4A60-A16B-4BDA-BFDF-482A254F237F",
              "versionEndExcluding": "450.203.03",
              "versionStartIncluding": "450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
              "matchCriteriaId": "677332FE-B818-48A9-82EE-474703AE1D81",
              "versionEndExcluding": "470.141.03",
              "versionStartIncluding": "470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
              "matchCriteriaId": "C8E67FE7-2A7D-4FC0-A623-A981FD5776AB",
              "versionEndExcluding": "510.85.02",
              "versionStartIncluding": "510",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
              "matchCriteriaId": "8603E59F-1C4A-4A15-B28B-1665D5AE5B58",
              "versionEndExcluding": "515.65.01",
              "versionStartIncluding": "515",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:nvidia:tesla:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "75C6DE26-88F2-428E-B761-754BD027E015",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."
    },
    {
      "lang": "es",
      "value": "NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en un archivo de configuraci\u00f3n opcional de D-Bus, donde un usuario local con capacidades b\u00e1sicas puede afectar los endpoints protegidos de D-Bus, lo que puede llevar a la ejecuci\u00f3n de c\u00f3digo, Denegaci\u00f3n de Servicio (DoS), escalada de privilegios y divulgaci\u00f3n de informaci\u00f3n. y manipulaci\u00f3n de datos."
    }
  ],
  "id": "CVE-2022-31608",
  "lastModified": "2024-11-21T07:04:50.440",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "psirt@nvidia.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-19T00:15:24.927",
  "references": [
    {
      "source": "psirt@nvidia.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
    },
    {
      "source": "psirt@nvidia.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202310-02"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202310-02"
    }
  ],
  "sourceIdentifier": "psirt@nvidia.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-281"
        }
      ],
      "source": "psirt@nvidia.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-281"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-3QPV-49M3-3H75

Vulnerability from github – Published: 2022-11-19 00:30 – Updated: 2022-11-28 21:30

Details

Severity

7.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-31608"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-11-19T00:15:00Z",
    "severity": "HIGH"
  },
  "details": "NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.",
  "id": "GHSA-3qpv-49m3-3h75",
  "modified": "2022-11-28T21:30:22Z",
  "published": "2022-11-19T00:30:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31608"
    },
    {
      "type": "WEB",
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202310-02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2022-31608

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-31608

Aliases

CVE-2022-31608

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-31608",
    "description": "NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.",
    "id": "GSD-2022-31608",
    "references": [
      "https://ubuntu.com/security/CVE-2022-31608"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-31608"
      ],
      "details": "NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.",
      "id": "GSD-2022-31608",
      "modified": "2023-12-13T01:19:17.218336Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@nvidia.com",
        "ID": "CVE-2022-31608",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "GeForce, Workstation, Compute",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions prior to the August 2022 release"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "NVIDIA"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."
          }
        ]
      },
      "impact": {
        "cvss": {
          "baseScore": "7.8",
          "baseSeverity": "High",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-281 Improper Preservation of Permissions"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383",
            "refsource": "MISC",
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
          },
          {
            "name": "GLSA-202310-02",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/202310-02"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "390.154",
                    "versionStartIncluding": "390",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "470.141.03",
                    "versionStartIncluding": "470",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "510.85.02",
                    "versionStartIncluding": "510",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "515.65.01",
                    "versionStartIncluding": "515",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:geforce:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "390.154",
                    "versionStartIncluding": "390",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "470.141.03",
                    "versionStartIncluding": "470",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "510.85.02",
                    "versionStartIncluding": "510",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "515.65.01",
                    "versionStartIncluding": "515",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "450.203.03",
                    "versionStartIncluding": "450",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "470.141.03",
                    "versionStartIncluding": "470",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "510.85.02",
                    "versionStartIncluding": "510",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "515.65.01",
                    "versionStartIncluding": "515",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:nvidia:tesla:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@nvidia.com",
          "ID": "CVE-2022-31608"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-281"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
            },
            {
              "name": "GLSA-202310-02",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202310-02"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-10-15T02:03Z",
      "publishedDate": "2022-11-19T00:15Z"
    }
  }
}

WID-SEC-W-2022-0894

Vulnerability from csaf_certbund - Published: 2022-08-02 22:00 - Updated: 2023-10-03 22:00

Summary

Nvidia GPU Treiber und NVIDIA vGPU software: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: NVidia ist ein Hersteller von Grafikkarten.

Angriff: Ein lokaler Angreifer kann mehrere Schwachstellen in Nvidia GPU Treiber ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Daten zu manipulieren und beliebigen Code auszuführen.

Betroffene Betriebssysteme: - Linux - Windows

CVE-2022-31606

Im Nvidia GPU Treiber existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund eines Out-of-Bounds-Zugriffs, einer unsachgemäßen Eingabevalidierung, eines Out-of-Bounds-Lese- und Schreibvorgangs und mehrerer NULL-Zeiger-Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Daten zu manipulieren und beliebigen Code auszuführen.

Affected products

Known affected 7 products

Product	Identifier	Version
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Lenovo Computer Lenovo	`cpe:/o:lenovo:lenovo_computer:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Nvidia Treiber GPU Display Driver for Windows Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_windows`	—
Nvidia Treiber vGPU software Nvidia / Treiber	`cpe:/a:nvidia:display_driver:vgpu_software`	—
Nvidia Treiber GPU Display Driver for Linux Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_linux`	—

CVE-2022-31607

Affected products

Known affected 7 products

Product	Identifier	Version
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Lenovo Computer Lenovo	`cpe:/o:lenovo:lenovo_computer:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Nvidia Treiber GPU Display Driver for Windows Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_windows`	—
Nvidia Treiber vGPU software Nvidia / Treiber	`cpe:/a:nvidia:display_driver:vgpu_software`	—
Nvidia Treiber GPU Display Driver for Linux Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_linux`	—

CVE-2022-31608

Affected products

Known affected 7 products

Product	Identifier	Version
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Lenovo Computer Lenovo	`cpe:/o:lenovo:lenovo_computer:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Nvidia Treiber GPU Display Driver for Windows Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_windows`	—
Nvidia Treiber vGPU software Nvidia / Treiber	`cpe:/a:nvidia:display_driver:vgpu_software`	—
Nvidia Treiber GPU Display Driver for Linux Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_linux`	—

CVE-2022-31609

Affected products

Known affected 7 products

Product	Identifier	Version
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Lenovo Computer Lenovo	`cpe:/o:lenovo:lenovo_computer:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Nvidia Treiber GPU Display Driver for Windows Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_windows`	—
Nvidia Treiber vGPU software Nvidia / Treiber	`cpe:/a:nvidia:display_driver:vgpu_software`	—
Nvidia Treiber GPU Display Driver for Linux Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_linux`	—

CVE-2022-31610

Affected products

Known affected 7 products

Product	Identifier	Version
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Lenovo Computer Lenovo	`cpe:/o:lenovo:lenovo_computer:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Nvidia Treiber GPU Display Driver for Windows Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_windows`	—
Nvidia Treiber vGPU software Nvidia / Treiber	`cpe:/a:nvidia:display_driver:vgpu_software`	—
Nvidia Treiber GPU Display Driver for Linux Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_linux`	—

CVE-2022-31612

Affected products

Known affected 7 products

Product	Identifier	Version
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Lenovo Computer Lenovo	`cpe:/o:lenovo:lenovo_computer:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Nvidia Treiber GPU Display Driver for Windows Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_windows`	—
Nvidia Treiber vGPU software Nvidia / Treiber	`cpe:/a:nvidia:display_driver:vgpu_software`	—
Nvidia Treiber GPU Display Driver for Linux Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_linux`	—

CVE-2022-31613

Affected products

Known affected 7 products

Product	Identifier	Version
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Lenovo Computer Lenovo	`cpe:/o:lenovo:lenovo_computer:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Nvidia Treiber GPU Display Driver for Windows Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_windows`	—
Nvidia Treiber vGPU software Nvidia / Treiber	`cpe:/a:nvidia:display_driver:vgpu_software`	—
Nvidia Treiber GPU Display Driver for Linux Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_linux`	—

CVE-2022-31614

Affected products

Known affected 7 products

Product	Identifier	Version
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Lenovo Computer Lenovo	`cpe:/o:lenovo:lenovo_computer:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Nvidia Treiber GPU Display Driver for Windows Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_windows`	—
Nvidia Treiber vGPU software Nvidia / Treiber	`cpe:/a:nvidia:display_driver:vgpu_software`	—
Nvidia Treiber GPU Display Driver for Linux Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_linux`	—

CVE-2022-31615

Affected products

Known affected 7 products

Product	Identifier	Version
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Lenovo Computer Lenovo	`cpe:/o:lenovo:lenovo_computer:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Nvidia Treiber GPU Display Driver for Windows Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_windows`	—
Nvidia Treiber vGPU software Nvidia / Treiber	`cpe:/a:nvidia:display_driver:vgpu_software`	—
Nvidia Treiber GPU Display Driver for Linux Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_linux`	—

CVE-2022-31616

Affected products

Known affected 7 products

Product	Identifier	Version
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Lenovo Computer Lenovo	`cpe:/o:lenovo:lenovo_computer:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Nvidia Treiber GPU Display Driver for Windows Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_windows`	—
Nvidia Treiber vGPU software Nvidia / Treiber	`cpe:/a:nvidia:display_driver:vgpu_software`	—
Nvidia Treiber GPU Display Driver for Linux Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_linux`	—

CVE-2022-31617

Affected products

Known affected 7 products

Product	Identifier	Version
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Lenovo Computer Lenovo	`cpe:/o:lenovo:lenovo_computer:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Nvidia Treiber GPU Display Driver for Windows Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_windows`	—
Nvidia Treiber vGPU software Nvidia / Treiber	`cpe:/a:nvidia:display_driver:vgpu_software`	—
Nvidia Treiber GPU Display Driver for Linux Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_linux`	—

CVE-2022-31618

Affected products

Known affected 7 products

Product	Identifier	Version
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Lenovo Computer Lenovo	`cpe:/o:lenovo:lenovo_computer:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Nvidia Treiber GPU Display Driver for Windows Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_windows`	—
Nvidia Treiber vGPU software Nvidia / Treiber	`cpe:/a:nvidia:display_driver:vgpu_software`	—
Nvidia Treiber GPU Display Driver for Linux Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_linux`	—

CVE-2022-34665

Affected products

Known affected 7 products

Product	Identifier	Version
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Lenovo Computer Lenovo	`cpe:/o:lenovo:lenovo_computer:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Nvidia Treiber GPU Display Driver for Windows Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_windows`	—
Nvidia Treiber vGPU software Nvidia / Treiber	`cpe:/a:nvidia:display_driver:vgpu_software`	—
Nvidia Treiber GPU Display Driver for Linux Nvidia / Treiber	`cpe:/a:nvidia:display_driver:gpu_display_driver_for_linux`	—

References

7 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://security.gentoo.org/glsa/202310-02	external
https://nvidia.custhelp.com/app/answers/detail/a_…	external
https://ubuntu.com/security/notices/USN-5547-1	external
https://support.lenovo.com/us/en/product_security…	external
https://www.dell.com/support/kbdoc/de-de/00020222…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "NVidia ist ein Hersteller von Grafikkarten.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Nvidia GPU Treiber ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Daten zu manipulieren und beliebigen Code auszuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2022-0894 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0894.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2022-0894 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0894"
      },
      {
        "category": "external",
        "summary": "Gentoo Linux Security Advisory GLSA-202310-02 vom 2023-10-03",
        "url": "https://security.gentoo.org/glsa/202310-02"
      },
      {
        "category": "external",
        "summary": "Security Bulletin: NVIDIA GPU Display Driver - August 2022 vom 2022-08-02",
        "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5547-1 vom 2022-08-04",
        "url": "https://ubuntu.com/security/notices/USN-5547-1"
      },
      {
        "category": "external",
        "summary": "Lenovo Security Advisory LEN-91370 vom 2022-08-14",
        "url": "https://support.lenovo.com/us/en/product_security/LEN-91370"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2022-222 vom 2022-09-20",
        "url": "https://www.dell.com/support/kbdoc/de-de/000202225/dsa-2022-222-dell-client-platform-security-update-for-nvidia-gpu-display-driver-vulnerabilities"
      }
    ],
    "source_lang": "en-US",
    "title": "Nvidia GPU Treiber und NVIDIA vGPU software: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2023-10-03T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:32:45.265+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2022-0894",
      "initial_release_date": "2022-08-02T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2022-08-02T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2022-08-03T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-08-14T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von LENOVO aufgenommen"
        },
        {
          "date": "2022-09-20T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2023-10-03T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Gentoo aufgenommen"
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell Computer",
            "product": {
              "name": "Dell Computer",
              "product_id": "T006498",
              "product_identification_helper": {
                "cpe": "cpe:/o:dell:dell_computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Gentoo Linux",
            "product": {
              "name": "Gentoo Linux",
              "product_id": "T012167",
              "product_identification_helper": {
                "cpe": "cpe:/o:gentoo:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Gentoo"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Lenovo Computer",
            "product": {
              "name": "Lenovo Computer",
              "product_id": "T006520",
              "product_identification_helper": {
                "cpe": "cpe:/o:lenovo:lenovo_computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Lenovo"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Nvidia Treiber GPU Display Driver for Windows",
                "product": {
                  "name": "Nvidia Treiber GPU Display Driver for Windows",
                  "product_id": "T024153",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:nvidia:display_driver:gpu_display_driver_for_windows"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Nvidia Treiber GPU Display Driver for Linux",
                "product": {
                  "name": "Nvidia Treiber GPU Display Driver for Linux",
                  "product_id": "T024154",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:nvidia:display_driver:gpu_display_driver_for_linux"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Nvidia Treiber vGPU software",
                "product": {
                  "name": "Nvidia Treiber vGPU software",
                  "product_id": "T024155",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:nvidia:display_driver:vgpu_software"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Treiber"
          }
        ],
        "category": "vendor",
        "name": "Nvidia"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-31606",
      "notes": [
        {
          "category": "description",
          "text": "Im Nvidia GPU Treiber existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund eines Out-of-Bounds-Zugriffs, einer unsachgem\u00e4\u00dfen Eingabevalidierung, eines Out-of-Bounds-Lese- und Schreibvorgangs und mehrerer NULL-Zeiger-Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Daten zu manipulieren und beliebigen Code auszuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006498",
          "T006520",
          "T000126",
          "T012167",
          "T024153",
          "T024155",
          "T024154"
        ]
      },
      "release_date": "2022-08-02T22:00:00.000+00:00",
      "title": "CVE-2022-31606"
    },
    {
      "cve": "CVE-2022-31607",
      "notes": [
        {
          "category": "description",
          "text": "Im Nvidia GPU Treiber existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund eines Out-of-Bounds-Zugriffs, einer unsachgem\u00e4\u00dfen Eingabevalidierung, eines Out-of-Bounds-Lese- und Schreibvorgangs und mehrerer NULL-Zeiger-Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Daten zu manipulieren und beliebigen Code auszuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006498",
          "T006520",
          "T000126",
          "T012167",
          "T024153",
          "T024155",
          "T024154"
        ]
      },
      "release_date": "2022-08-02T22:00:00.000+00:00",
      "title": "CVE-2022-31607"
    },
    {
      "cve": "CVE-2022-31608",
      "notes": [
        {
          "category": "description",
          "text": "Im Nvidia GPU Treiber existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund eines Out-of-Bounds-Zugriffs, einer unsachgem\u00e4\u00dfen Eingabevalidierung, eines Out-of-Bounds-Lese- und Schreibvorgangs und mehrerer NULL-Zeiger-Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Daten zu manipulieren und beliebigen Code auszuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006498",
          "T006520",
          "T000126",
          "T012167",
          "T024153",
          "T024155",
          "T024154"
        ]
      },
      "release_date": "2022-08-02T22:00:00.000+00:00",
      "title": "CVE-2022-31608"
    },
    {
      "cve": "CVE-2022-31609",
      "notes": [
        {
          "category": "description",
          "text": "Im Nvidia GPU Treiber existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund eines Out-of-Bounds-Zugriffs, einer unsachgem\u00e4\u00dfen Eingabevalidierung, eines Out-of-Bounds-Lese- und Schreibvorgangs und mehrerer NULL-Zeiger-Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Daten zu manipulieren und beliebigen Code auszuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006498",
          "T006520",
          "T000126",
          "T012167",
          "T024153",
          "T024155",
          "T024154"
        ]
      },
      "release_date": "2022-08-02T22:00:00.000+00:00",
      "title": "CVE-2022-31609"
    },
    {
      "cve": "CVE-2022-31610",
      "notes": [
        {
          "category": "description",
          "text": "Im Nvidia GPU Treiber existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund eines Out-of-Bounds-Zugriffs, einer unsachgem\u00e4\u00dfen Eingabevalidierung, eines Out-of-Bounds-Lese- und Schreibvorgangs und mehrerer NULL-Zeiger-Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Daten zu manipulieren und beliebigen Code auszuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006498",
          "T006520",
          "T000126",
          "T012167",
          "T024153",
          "T024155",
          "T024154"
        ]
      },
      "release_date": "2022-08-02T22:00:00.000+00:00",
      "title": "CVE-2022-31610"
    },
    {
      "cve": "CVE-2022-31612",
      "notes": [
        {
          "category": "description",
          "text": "Im Nvidia GPU Treiber existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund eines Out-of-Bounds-Zugriffs, einer unsachgem\u00e4\u00dfen Eingabevalidierung, eines Out-of-Bounds-Lese- und Schreibvorgangs und mehrerer NULL-Zeiger-Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Daten zu manipulieren und beliebigen Code auszuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006498",
          "T006520",
          "T000126",
          "T012167",
          "T024153",
          "T024155",
          "T024154"
        ]
      },
      "release_date": "2022-08-02T22:00:00.000+00:00",
      "title": "CVE-2022-31612"
    },
    {
      "cve": "CVE-2022-31613",
      "notes": [
        {
          "category": "description",
          "text": "Im Nvidia GPU Treiber existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund eines Out-of-Bounds-Zugriffs, einer unsachgem\u00e4\u00dfen Eingabevalidierung, eines Out-of-Bounds-Lese- und Schreibvorgangs und mehrerer NULL-Zeiger-Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Daten zu manipulieren und beliebigen Code auszuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006498",
          "T006520",
          "T000126",
          "T012167",
          "T024153",
          "T024155",
          "T024154"
        ]
      },
      "release_date": "2022-08-02T22:00:00.000+00:00",
      "title": "CVE-2022-31613"
    },
    {
      "cve": "CVE-2022-31614",
      "notes": [
        {
          "category": "description",
          "text": "Im Nvidia GPU Treiber existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund eines Out-of-Bounds-Zugriffs, einer unsachgem\u00e4\u00dfen Eingabevalidierung, eines Out-of-Bounds-Lese- und Schreibvorgangs und mehrerer NULL-Zeiger-Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Daten zu manipulieren und beliebigen Code auszuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006498",
          "T006520",
          "T000126",
          "T012167",
          "T024153",
          "T024155",
          "T024154"
        ]
      },
      "release_date": "2022-08-02T22:00:00.000+00:00",
      "title": "CVE-2022-31614"
    },
    {
      "cve": "CVE-2022-31615",
      "notes": [
        {
          "category": "description",
          "text": "Im Nvidia GPU Treiber existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund eines Out-of-Bounds-Zugriffs, einer unsachgem\u00e4\u00dfen Eingabevalidierung, eines Out-of-Bounds-Lese- und Schreibvorgangs und mehrerer NULL-Zeiger-Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Daten zu manipulieren und beliebigen Code auszuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006498",
          "T006520",
          "T000126",
          "T012167",
          "T024153",
          "T024155",
          "T024154"
        ]
      },
      "release_date": "2022-08-02T22:00:00.000+00:00",
      "title": "CVE-2022-31615"
    },
    {
      "cve": "CVE-2022-31616",
      "notes": [
        {
          "category": "description",
          "text": "Im Nvidia GPU Treiber existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund eines Out-of-Bounds-Zugriffs, einer unsachgem\u00e4\u00dfen Eingabevalidierung, eines Out-of-Bounds-Lese- und Schreibvorgangs und mehrerer NULL-Zeiger-Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Daten zu manipulieren und beliebigen Code auszuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006498",
          "T006520",
          "T000126",
          "T012167",
          "T024153",
          "T024155",
          "T024154"
        ]
      },
      "release_date": "2022-08-02T22:00:00.000+00:00",
      "title": "CVE-2022-31616"
    },
    {
      "cve": "CVE-2022-31617",
      "notes": [
        {
          "category": "description",
          "text": "Im Nvidia GPU Treiber existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund eines Out-of-Bounds-Zugriffs, einer unsachgem\u00e4\u00dfen Eingabevalidierung, eines Out-of-Bounds-Lese- und Schreibvorgangs und mehrerer NULL-Zeiger-Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Daten zu manipulieren und beliebigen Code auszuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006498",
          "T006520",
          "T000126",
          "T012167",
          "T024153",
          "T024155",
          "T024154"
        ]
      },
      "release_date": "2022-08-02T22:00:00.000+00:00",
      "title": "CVE-2022-31617"
    },
    {
      "cve": "CVE-2022-31618",
      "notes": [
        {
          "category": "description",
          "text": "Im Nvidia GPU Treiber existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund eines Out-of-Bounds-Zugriffs, einer unsachgem\u00e4\u00dfen Eingabevalidierung, eines Out-of-Bounds-Lese- und Schreibvorgangs und mehrerer NULL-Zeiger-Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Daten zu manipulieren und beliebigen Code auszuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006498",
          "T006520",
          "T000126",
          "T012167",
          "T024153",
          "T024155",
          "T024154"
        ]
      },
      "release_date": "2022-08-02T22:00:00.000+00:00",
      "title": "CVE-2022-31618"
    },
    {
      "cve": "CVE-2022-34665",
      "notes": [
        {
          "category": "description",
          "text": "Im Nvidia GPU Treiber existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem aufgrund eines Out-of-Bounds-Zugriffs, einer unsachgem\u00e4\u00dfen Eingabevalidierung, eines Out-of-Bounds-Lese- und Schreibvorgangs und mehrerer NULL-Zeiger-Dereferenzen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern, Daten zu manipulieren und beliebigen Code auszuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T006498",
          "T006520",
          "T000126",
          "T012167",
          "T024153",
          "T024155",
          "T024154"
        ]
      },
      "release_date": "2022-08-02T22:00:00.000+00:00",
      "title": "CVE-2022-34665"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-31608 (GCVE-0-2022-31608)

BDU:2022-04821

FKIE_CVE-2022-31608

GHSA-3QPV-49M3-3H75

GSD-2022-31608

WID-SEC-W-2022-0894

Tags

Sightings

Nomenclature