CVE-2022-34673

CWE-190Integer OverflowCWE-125Out-of-bounds Read4 documents4 sources
Severity
7.3HIGH
EPSS
0.1%
top 80.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nvidia GPU Display DriverNvidia Nvidia GPU Display Driver FOR Linux
Timeline
PublishedDec 30

Description

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:LExploitability: 1.8 | Impact: 2.5

Affected Packages4 packages

CVEListV5nvidia/nvidia_gpu_display_driver_for_linuxAll versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release
NVDnvidia/gpu_display_driver515515.86.01
Debiannvidia-graphics-drivers< 515.86.01-1+2
Debiannvidia-open-gpu-kernel-modules< 515.86.01-1+2

🔴Vulnerability Details

2
CVEList
CVE-2022-34673: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia2022-12-30
OSV
CVE-2022-34673: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia2022-12-30

📋Vendor Advisories

1
Debian
CVE-2022-34673: nvidia-graphics-drivers - NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode ...2022
CVE-2022-34673 (HIGH CVSS 7.3) | NVIDIA GPU Display Driver for Linux | cvebase.io