CVE-2022-21814

CWE-280 CWE-755 — Improper Exception Handling6 documents6 sources

Severity

6.1MEDIUM

EPSS

0.0%

top 86.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia Nvidia GPU Display Driver

Timeline

PublishedFeb 7

Latest updateFeb 8

Description

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:HExploitability: 1.8 | Impact: 4.2

Affected Packages3 packages

▶CVEListV5nvidia/nvidia_gpu_display_driverAll GPU Drivers for Linux

▶Debiannvidia-graphics-drivers< 470.129.06-5~deb11u1+3

▶Debiannvidia-graphics-drivers-tesla-470< 470.103.01-1+1

🔴Vulnerability Details

GHSA

GHSA-m8cj-m32x-wpwv: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where improper handling of insufficient permissions or priv↗2022-02-08

▶

OSV

CVE-2022-21814: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where improper handling of insufficient permissions or priv↗2022-02-07

▶

CVEList

CVE-2022-21814: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where improper handling of insufficient permissions or priv↗2022-02-07

▶

📋Vendor Advisories

Ubuntu

NVIDIA graphics drivers vulnerabilities↗2022-02-08

▶

Debian

CVE-2022-21814: nvidia-graphics-drivers - NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel drive...↗2022

▶