CVE-2022-34671Out-of-bounds Write in Nvidia GPU Display Driver

CWE-787Out-of-bounds Write7 documents4 sources
Severity
8.8HIGHNVD
CNA8.5
EPSS
0.5%
top 34.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nvidia GPU Display DriverNvidia GPU Display Driver FOR Windows
Timeline
PublishedDec 30
Latest updateAug 23

Description

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user-mode layer, where an unprivileged user can cause an out-of-bounds write, which may lead to code execution, information disclosure, and denial of service.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5nvidia/nvidia_gpu_display_driver_for_windowsAll versions prior to and including 15.2, 13.7, and 11.12, and all versions prior to and including the May 2023 release
NVDnvidia/gpu_display_driver470474.14+7

🔴Vulnerability Details

2
GHSA
GHSA-q4qf-r73j-h8wf: NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds w2022-12-31
CVEList
CVE-2022-34671: NVIDIA GPU Display Driver for Windows contains a vulnerability in the user-mode layer, where an unprivileged user can cause an out-of-bounds write, wh2022-12-30

🕵️Threat Intelligence

4
Talos
Three vulnerabilities in NVIDIA graphics driver could cause memory corruption2023-08-23
Talos
Three vulnerabilities in NVIDIA graphics driver could cause memory corruption2023-08-23
Talos
Vulnerability Spotlight: NVIDIA driver memory corruption vulnerabilities discovered2022-12-06
Talos
Vulnerability Spotlight: NVIDIA driver memory corruption vulnerabilities discovered2022-12-06
CVE-2022-34671 — Out-of-bounds Write in Nvidia | cvebase