CVE-2022-21813

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-21813
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.

6.1 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 4.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

3.6 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:N/I:P/A:P

Exploitability : 3.9 / Impact : 4.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://nvidia.custhelp.com/app/answers/detail/a_id/5312 Vendor Advisory
https://security.gentoo.org/glsa/202310-02 Third Party Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:nvidia:cloud_gaming_guest:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
History

13 Oct 2023, 01:51

Type Values Removed Values Added
References (GENTOO) https://security.gentoo.org/glsa/202310-02 - (GENTOO) https://security.gentoo.org/glsa/202310-02 - Third Party Advisory
CVSS v2 : 3.6
v3 : unknown 		v2 : 3.6
v3 : 6.1

03 Oct 2023, 15:15

Type Values Removed Values Added
CVSS v2 : 3.6
v3 : 6.1 		v2 : 3.6
v3 : unknown
References
  • (GENTOO) https://security.gentoo.org/glsa/202310-02 -

24 Jan 2023, 15:40

Type Values Removed Values Added
CPE cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

30 Jun 2022, 20:27

Type Values Removed Values Added
CPE cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:linux:*:* cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:cloud_gaming_guest:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*
First Time Nvidia tesla
Nvidia cloud Gaming Guest
Nvidia rtx
Nvidia nvs
Linux
Nvidia virtual Gpu
Nvidia quadro
Linux linux Kernel
Nvidia geforce
References (MISC) https://nvidia.custhelp.com/app/answers/detail/a_id/5312 - (MISC) https://nvidia.custhelp.com/app/answers/detail/a_id/5312 - Vendor Advisory

09 May 2022, 20:15

Type Values Removed Values Added
References
  • {'url': 'https://nvidia.custhelp.com/app/answers/detail/a_id/5321', 'name': 'N/A', 'tags': ['Broken Link'], 'refsource': 'CONFIRM'}
  • (MISC) https://nvidia.custhelp.com/app/answers/detail/a_id/5312 -

11 Feb 2022, 20:12

Type Values Removed Values Added
CWE CWE-755
References (CONFIRM) https://nvidia.custhelp.com/app/answers/detail/a_id/5321 - (CONFIRM) https://nvidia.custhelp.com/app/answers/detail/a_id/5321 - Broken Link
First Time Nvidia gpu Display Driver
Nvidia
CPE cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:linux:*:*
CVSS v2 : unknown
v3 : 6.1 		v2 : 3.6
v3 : 6.1

07 Feb 2022, 20:15

Type Values Removed Values Added
New CVE
Information

Published : 2022-02-07 20:15

Updated : 2023-12-10 14:09

NVD link : CVE-2022-21813

Mitre link : CVE-2022-21813

CVE.ORG link : CVE-2022-21813

JSON object : View

Products Affected

nvidia

  • quadro
  • gpu_display_driver
  • nvs
  • virtual_gpu
  • cloud_gaming_guest
  • geforce
  • rtx
  • tesla

linux

  • linux_kernel
CWE
CWE-755

Improper Handling of Exceptional Conditions

CWE-284

Improper Access Control