Lucene search

Ubuntu.comUB:CVE-2022-31617

HistoryNov 19, 2022 - 12:00 a.m.

CVE-2022-31617

2022-11-1900:00:00

ubuntu.com

nvidia gpu display driver

windows

vulnerability

kernel mode

local user

out-of-bounds read

code execution

denial of service

privilege escalation

information disclosure

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

NVIDIA GPU Display Driver for Windows contains a vulnerability in the
kernel mode layer (nvlddmkm.sys), where a local user with basic
capabilities can cause an out-of-bounds read, which may lead to code
execution, denial of service, escalation of privileges, information
disclosure, or data tampering.

Notes

Author	Note
sbeattie	windows drivers only
mdeslaur	some binary drivers are no longer support by NVidia, so they are marked as ignored here

OSVersionArchitecturePackageVersionFilename
ubuntu16.04noarchnvidia-graphics-drivers-384< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	16.04	noarch	nvidia-graphics-drivers-384	< any	UNKNOWN

References

launchpad.net/bugs/cve/CVE-2022-31617

nvd.nist.gov/vuln/detail/CVE-2022-31617

nvidia.custhelp.com/app/answers/detail/a_id/5383

security-tracker.debian.org/tracker/CVE-2022-31617

www.cve.org/CVERecord?id=CVE-2022-31617

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for UB:CVE-2022-31617