Lucene search
HistoryDec 30, 2022 - 11:15 p.m.
CVE-2022-42257
nvidia
gpu
display driver
linux
kernel mode
vulnerability
cve-2022-42257
integer overflow
information disclosure
data tampering
denial of service
7.3 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to information disclosure, data tampering or denial of service.
Affected configurations
Node
nvidiageforceMatch-
ORnvidianvsMatch-
ORnvidiaquadroMatch-
ORnvidiartxMatch-
nvidiagpu_display_driverRange390–390.157linux
ORnvidiagpu_display_driverRange470–470.161.03linux
ORnvidiagpu_display_driverRange510–510.108.03linux
ORnvidiagpu_display_driverRange515–515.86.01linux
ORnvidiagpu_display_driverRange525–525.60.11linux
Node
nvidiateslaMatch-
nvidiagpu_display_driverRange450–450.216.04linux
ORnvidiagpu_display_driverRange470–470.161.03linux
ORnvidiagpu_display_driverRange510–510.108.03linux
ORnvidiagpu_display_driverRange515–515.86.01linux
ORnvidiagpu_display_driverRange525–525.60.11linux
Node
nvidiacloud_gamingRange<525.60.12
citrixhypervisorMatch-
ORredhatenterprise_linux_kernel-based_virtual_machineMatch-
Node
nvidiavirtual_gpuRange<11.11
ORnvidiavirtual_gpuRange12.0–13.6
ORnvidiavirtual_gpuRange14.0–14.4
citrixhypervisorMatch-
ORlinuxlinux_kernelMatch-
ORredhatenterprise_linux_kernel-based_virtual_machineMatch-
ORvmwarevsphereMatch-
Node
nvidiacloud_gamingRange<525.60.11
linuxlinux_kernelMatch-
Node
debiandebian_linuxMatch10.0
CNA Affected
[
{
"vendor": "NVIDIA",
"product": "vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)",
"versions": [
{
"version": "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release",
"status": "affected"
}
]
}
]Related
ubuntucve
ubuntucve
CVE-2022-42257
2022-12-30 00:00:00
nvd
nvd
CVE-2022-42257
2022-12-30 23:15:10
debiancve
debiancve
CVE-2022-42257
2022-12-30 23:15:10
prion
prion
Integer overflow
2022-12-30 23:15:00
cvelist
cvelist
CVE-2022-42257
2022-12-30 00:00:00
nessus
nessus
NVIDIA Virtual GPU Manager Multiple Vulnerabilities (November 2022)
2023-09-14 00:00:00
NVIDIA Linux GPU Display Driver (Nov 2022)
2022-12-02 00:00:00
osv
osv
nvidia-graphics-drivers-legacy-390xx - security update
2023-05-11 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3418-1)
2023-05-12 00:00:00
debian
debian
[SECURITY] [DLA 3418-1] nvidia-graphics-drivers-legacy-390xx security update
2023-05-11 15:03:27
nvidia
nvidia
Security Bulletin: NVIDIA GPU Display Driver - November 2022
2022-11-29 00:00:00
gentoo
gentoo
NVIDIA Drivers: Multiple Vulnerabilities
2023-10-03 00:00:00
7.3 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2022-42257