CVE-2022-31607: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause…

high7.8CVSS 3.1

AVLACLPRLUINSUCHIHAH

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure.

Affected

13 ranges

Vendor	Product	Version range	Fixed in
debian	nvidia-graphics-drivers	< nvidia-graphics-drivers 470.141.03-1 (bookworm)	nvidia-graphics-drivers 470.141.03-1 (bookworm)
debian	nvidia-graphics-drivers-legacy-340xx	< nvidia-graphics-drivers 470.141.03-1 (bookworm)	nvidia-graphics-drivers 470.141.03-1 (bookworm)
debian	nvidia-graphics-drivers-legacy-390xx	< nvidia-graphics-drivers 470.141.03-1 (bookworm)	nvidia-graphics-drivers 470.141.03-1 (bookworm)
debian	nvidia-graphics-drivers-tesla-418	< nvidia-graphics-drivers 470.141.03-1 (bookworm)	nvidia-graphics-drivers 470.141.03-1 (bookworm)
debian	nvidia-graphics-drivers-tesla-450	< nvidia-graphics-drivers 470.141.03-1 (bookworm)	nvidia-graphics-drivers 470.141.03-1 (bookworm)
debian	nvidia-graphics-drivers-tesla-460	< nvidia-graphics-drivers 470.141.03-1 (bookworm)	nvidia-graphics-drivers 470.141.03-1 (bookworm)
debian	nvidia-graphics-drivers-tesla-470	< nvidia-graphics-drivers 470.141.03-1 (bookworm)	nvidia-graphics-drivers 470.141.03-1 (bookworm)
nvidia	cloud_gaming_guest	< 515.65.01	515.65.01
nvidia	gpu_display_driver	>= 390 < 390.154	390.154
nvidia	gpu_display_driver	>= 450 < 450.203.03	450.203.03
nvidia	gpu_display_driver	>= 470 < 470.141.03	470.141.03
nvidia	gpu_display_driver	>= 510 < 510.85.02	510.85.02
nvidia	gpu_display_driver	>= 515 < 515.65.01	515.65.01

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

osv7.8HIGH