CVE-2022-42264

CWE-823CWE-119Buffer Overflow4 documents4 sources
Severity
7.8HIGH
EPSS
0.1%
top 68.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Nvidia Cloud GamingNvidia GPU Display DriverNvidia Virtual GPU
Timeline
PublishedDec 30

Description

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause the use of an out-of-range pointer offset, which may lead to data tampering, data loss, information disclosure, or denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:NExploitability: 1.8 | Impact: 5.2

Affected Packages9 packages

NVDnvidia/gpu_display_driver470470.161.03+3
Debiannvidia-graphics-drivers< 470.161.03-1+3
Debiannvidia-graphics-drivers-tesla< 510.108.03-1
Debiannvidia-open-gpu-kernel-modules< 515.86.01-1+2
Debiannvidia-graphics-drivers-tesla-450< 450.216.04-1~deb11u1

🔴Vulnerability Details

2
CVEList
CVE-2022-42264: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause the use of an out-2022-12-30
OSV
CVE-2022-42264: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause the use of an out-2022-12-30

📋Vendor Advisories

1
Debian
CVE-2022-42264: nvidia-graphics-drivers - NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode ...2022
CVE-2022-42264 (HIGH CVSS 7.8) | NVIDIA GPU Display Driver for Linux | cvebase.io