CVE-2022-28184

CWE-284Improper Access Control5 documents5 sources
Severity
7.8HIGH
EPSS
0.1%
top 68.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nvidia Virtual GPUNvidia Nvidia GPU Display Driver
Timeline
PublishedMay 17
Latest updateMay 18

Description

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an unprivileged regular user can access administrator- privileged registers, which may lead to denial of service, information disclosure, and data tampering.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:NExploitability: 1.8 | Impact: 5.2

Affected Packages4 packages

CVEListV5nvidia/nvidia_gpu_display_driverAll GPU Driver versions for Windows and Linux
Debiannvidia-graphics-drivers< 470.129.06-5~deb11u1+3
Debiannvidia-graphics-drivers-tesla-470< 470.129.06-1+1
NVDnvidia/virtual_gpu11.011.8+2

Patches

Patch: nvidia.custhelp.comPatch: nvidia.custhelp.com

🔴Vulnerability Details

3
GHSA
GHSA-57jh-32p4-f49w: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm2022-05-18
OSV
CVE-2022-28184: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm2022-05-17
CVEList
CVE-2022-28184: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm2022-05-17

📋Vendor Advisories

1
Debian
CVE-2022-28184: nvidia-graphics-drivers - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the ...2022
CVE-2022-28184 (HIGH CVSS 7.8) | NVIDIA GPU Display Driver for Windo | cvebase.io