CVE-2023-0199

CWE-787 — Out-of-bounds Write5 documents5 sources

Severity

6.1MEDIUM

EPSS

0.1%

top 74.82%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia GPU Display Driver Nvidia Nvidia GPU Display Driver

Timeline

PublishedApr 22

Description

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds write can lead to denial of service and data tampering.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:HExploitability: 1.8 | Impact: 4.2

Affected Packages8 packages

▶NVDnvidia/gpu_display_driver470 — 470.182.03+9

▶CVEListV5nvidia/nvidia_gpu_display_driverAll versions prior to and including 15.1, 13.6, 11.11, and all versions prior to and including February 2023 release

▶Debiannvidia-graphics-drivers< 470.182.03-1+3

▶Debiannvidia-graphics-drivers-tesla< 525.105.17-1

▶Debiannvidia-open-gpu-kernel-modules< 525.105.17-1+2

🔴Vulnerability Details

OSV

CVE-2023-0199: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds write can lead to de↗2023-04-22

▶

GHSA

GHSA-whw9-3vm4-q2gq: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds write can lead to de↗2023-04-22

▶

CVEList

CVE-2023-0199: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds write can lead to de↗2023-04-22

▶

📋Vendor Advisories

Debian

CVE-2023-0199: nvidia-graphics-drivers - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the ...↗2023

▶