Lucene search

[email protected]CVE-2022-31612

HistoryNov 19, 2022 - 12:15 a.m.

CVE-2022-31612

2022-11-1900:15:25

CWE-125

[email protected]

web.nvd.nist.gov

nvidia

gpu

display driver

windows

vulnerability

out-of-bounds read

kernel mode

security

cve-2022-31612

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a local user with basic capabilities can cause an out-of-bounds read, which may lead to a system crash or a leak of internal kernel information.

Affected configurations

NVD

Node

nvidiagpu_display_driverRange471.11–473.81windows

nvidiagpu_display_driverRange516.25–516.94windows

AND

nvidiageforceMatch-

Node

nvidiavirtual_gpuRange11.0–11.8

nvidiavirtual_gpuRange13.0–13.3

nvidiavirtual_gpuMatch14.0

AND

microsoftwindowsMatch-

Node

nvidiacloud_gaming_guestRange<516.94

AND

microsoftwindowsMatch-

Node

nvidiagpu_display_driverRange516.25–516.94windows

AND

nvidiastudioMatch-

Node

nvidiagpu_display_driverRange471.11–473.81windows

nvidiagpu_display_driverRange511.09–513.46windows

nvidiagpu_display_driverRange516.25–516.94windows

AND

nvidiastudioMatch-

Node

nvidiagpu_display_driverRange451.48–453.64windows

nvidiagpu_display_driverRange471.11–472.81windows

nvidiagpu_display_driverRange511.09–513.46windows

nvidiagpu_display_driverRange516.25–516.94windows

AND

nvidiateslaMatch-

CPENameOperatorVersion
nvidia:gpu_display_drivernvidia gpu display driverlt473.81
nvidia:gpu_display_drivernvidia gpu display driverlt516.94

CPE	Name	Operator	Version
nvidia:gpu_display_driver	nvidia gpu display driver	lt	473.81
nvidia:gpu_display_driver	nvidia gpu display driver	lt	516.94

CNA Affected

[
  {
    "vendor": "NVIDIA",
    "product": "NVIDIA Cloud Gaming (guest driver)",
    "versions": [
      {
        "version": "All versions prior to the August 2022 release",
        "status": "affected"
      }
    ]
  }
]