NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. The scope of the impact may extend to other components.
References
| Link | Resource |
|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5353 | Patch Vendor Advisory |
| https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
|
History
26 May 2022, 18:59
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://nvidia.custhelp.com/app/answers/detail/a_id/5353 - Patch, Vendor Advisory | |
| CPE | cpe:2.3:a:nvidia:virtual_gpu:14.0:*:*:*:*:*:*:* cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:windows:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:linux:*:* |
|
| CVSS |
v2 : v3 : |
v2 : 6.9
v3 : 8.5 |
| CWE | CWE-787 |
17 May 2022, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-05-17 20:15
Updated : 2024-02-04 22:29
NVD link : CVE-2022-28181
Mitre link : CVE-2022-28181
CVE.ORG link : CVE-2022-28181
JSON object : View
Products Affected
microsoft
- windows
nvidia
- gpu_display_driver
- virtual_gpu
linux
- linux_kernel
CWE
CWE-787
Out-of-bounds Write