Lucene search

K
cvelistNvidiaCVELIST:CVE-2022-31608
HistoryNov 18, 2022 - 12:00 a.m.

CVE-2022-31608

2022-11-1800:00:00
CWE-281
nvidia
www.cve.org
nvidia
gpu
driver
vulnerability
d-bus
configuration
file
linux
local user
code execution
denial of service
escalation of privileges
information disclosure
data tampering

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

CNA Affected

[
  {
    "vendor": "NVIDIA",
    "product": "GeForce, Workstation, Compute",
    "versions": [
      {
        "version": "All versions prior to the August 2022 release",
        "status": "affected"
      }
    ]
  }
]

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%