NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. The scope of the impact may extend to other components.
References
Link | Resource |
---|---|
https://nvidia.custhelp.com/app/answers/detail/a_id/5353 | Patch Vendor Advisory |
https://security.gentoo.org/glsa/202310-02 | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
|
History
13 Oct 2023, 02:01
Type | Values Removed | Values Added |
---|---|---|
References | (GENTOO) https://security.gentoo.org/glsa/202310-02 - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 6.9
v3 : 9.9 |
03 Oct 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 6.9
v3 : unknown |
References |
|
26 May 2022, 18:59
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:windows:*:* cpe:2.3:a:nvidia:virtual_gpu:14.0:*:*:*:*:*:*:* cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:linux:*:* cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 6.9
v3 : 8.5 |
References | (MISC) https://nvidia.custhelp.com/app/answers/detail/a_id/5353 - Patch, Vendor Advisory | |
CWE | CWE-787 | |
First Time |
Linux
Nvidia gpu Display Driver Linux linux Kernel Microsoft Microsoft windows Nvidia Nvidia virtual Gpu |
17 May 2022, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-05-17 20:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-28181
Mitre link : CVE-2022-28181
CVE.ORG link : CVE-2022-28181
JSON object : View
Products Affected
linux
- linux_kernel
microsoft
- windows
nvidia
- gpu_display_driver
- virtual_gpu
CWE
CWE-787
Out-of-bounds Write