NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
References
Link | Resource |
---|---|
https://nvidia.custhelp.com/app/answers/detail/a_id/5383 | Patch Vendor Advisory |
https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
28 Nov 2022, 20:23
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CWE | CWE-281 | |
References | (MISC) https://nvidia.custhelp.com/app/answers/detail/a_id/5383 - Patch, Vendor Advisory | |
CPE | cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:* cpe:2.3:h:nvidia:tesla:-:*:*:*:*:*:*:* cpe:2.3:h:nvidia:geforce:-:*:*:*:*:*:*:* cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:* |
20 Nov 2022, 02:44
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-11-19 00:15
Updated : 2024-02-04 23:14
NVD link : CVE-2022-31608
Mitre link : CVE-2022-31608
CVE.ORG link : CVE-2022-31608
JSON object : View
Products Affected
nvidia
- rtx
- tesla
- geforce
- gpu_display_driver
CWE
CWE-281
Improper Preservation of Permissions