cbcvebase.
CVE-2022-28184
published 2022-05-17

CVE-2022-28184: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an…

high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an unprivileged regular user can access administrator- privileged registers, which may lead to denial of service, information disclosure, and data tampering.

Affected

7 ranges
VendorProductVersion rangeFixed in
debiannvidia-graphics-drivers< nvidia-graphics-drivers 470.129.06-1 (bookworm)nvidia-graphics-drivers 470.129.06-1 (bookworm)
debiannvidia-graphics-drivers-tesla-460< nvidia-graphics-drivers 470.129.06-1 (bookworm)nvidia-graphics-drivers 470.129.06-1 (bookworm)
debiannvidia-graphics-drivers-tesla-470< nvidia-graphics-drivers 470.129.06-1 (bookworm)nvidia-graphics-drivers 470.129.06-1 (bookworm)
nvidianvidia_gpu_display_driver
nvidiavirtual_gpu
nvidiavirtual_gpu>= 11.0 < 11.811.8
nvidiavirtual_gpu>= 13.0 < 13.313.3

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH