Lucene search

[email protected]NVD:CVE-2022-42260

HistoryDec 30, 2022 - 11:15 p.m.

CVE-2022-42260

2022-12-3023:15:11

CWE-281

[email protected]

web.nvd.nist.gov

nvidia

vgpu

display driver

linux

d-bus

configuration file

vulnerability

unauthorized user

guest vm

code execution

denial of service

privilege escalation

information disclosure

data tampering

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

13.0%

JSON

NVIDIA vGPU Display Driver for Linux guest contains a vulnerability in a D-Bus configuration file, where an unauthorized user in the guest VM can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.

Affected configurations

Nvd

Node

nvidiavirtual_gpuRange<11.11

nvidiavirtual_gpuRange12.0–13.6

nvidiavirtual_gpuRange14.0–14.4

AND

citrixhypervisorMatch-

linuxlinux_kernelMatch-

redhatenterprise_linux_kernel-based_virtual_machineMatch-

vmwarevsphereMatch-

Node

nvidiacloud_gamingRange<525.60.11

AND

linuxlinux_kernelMatch-

Node

nvidiagpu_display_driverRange470–470.161.03linux

nvidiagpu_display_driverRange510–510.108.03linux

AND

nvidiageforceMatch-

nvidianvsMatch-

nvidiaquadroMatch-

nvidiartxMatch-

Node

nvidiagpu_display_driverRange450–450.216.04linux

nvidiagpu_display_driverRange470–470.161.03linux

nvidiagpu_display_driverRange510–510.108.03linux

AND

nvidiateslaMatch-

Node

nvidiacloud_gamingRange<525.60.12

AND

citrixhypervisorMatch-

redhatenterprise_linux_kernel-based_virtual_machineMatch-

VendorProductVersionCPE
nvidiavirtual_gpu*cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
citrixhypervisor-cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
redhatenterprise_linux_kernel-based_virtual_machine-cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*
vmwarevsphere-cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*
nvidiacloud_gaming*cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*
nvidiagpu_display_driver*cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*
nvidiageforce-cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*
nvidianvs-cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*
nvidiaquadro-cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nvidia	virtual_gpu	*	cpe:2.3:a:nvidia:virtual_gpu::::::::
citrix	hypervisor	-	cpe:2.3:o:citrix:hypervisor:-:::::::*
linux	linux_kernel	-	cpe:2.3:o:linux:linux_kernel:-:::::::*
redhat	enterprise_linux_kernel-based_virtual_machine	-	cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:::::::*
vmware	vsphere	-	cpe:2.3:o:vmware:vsphere:-:::::::*
nvidia	cloud_gaming	*	cpe:2.3:a:nvidia:cloud_gaming::::::::
nvidia	gpu_display_driver	*	cpe:2.3:a:nvidia:gpu_display_driver::::::linux::*
nvidia	geforce	-	cpe:2.3:a:nvidia:geforce:-:::::::*
nvidia	nvs	-	cpe:2.3:a:nvidia:nvs:-:::::::*
nvidia	quadro	-	cpe:2.3:a:nvidia:quadro:-:::::::*