Lucene search

NvidiaCVE-2022-34670

HistoryDec 30, 2022 - 11:15 p.m.

CVE-2022-34670

2022-12-3023:15:09

CWE-197

CWE-681

nvidia

web.nvd.nist.gov

nvidia

gpu

linux

display driver

vulnerability

cve-2022-34670

nvd

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

Percentile

13.0%

JSON

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in the conversion, which may lead to denial of service or information disclosure.

Affected configurations

Nvd

Node

nvidiageforceMatch-

nvidianvsMatch-

nvidiaquadroMatch-

nvidiartxMatch-

AND

nvidiagpu_display_driverRange390–390.157linux

nvidiagpu_display_driverRange470–470.161.03linux

nvidiagpu_display_driverRange510–510.108.03linux

nvidiagpu_display_driverRange515–515.86.01linux

nvidiagpu_display_driverRange525–525.60.11linux

Node

nvidiagpu_display_driverRange450–450.216.04linux

nvidiagpu_display_driverRange470–470.161.03linux

nvidiagpu_display_driverRange510–510.108.03linux

nvidiagpu_display_driverRange515–515.86.01linux

nvidiagpu_display_driverRange525–525.60.11linux

AND

nvidiateslaMatch-

Node

nvidiavirtual_gpuRange<11.11

nvidiavirtual_gpuRange12.0–13.6

nvidiavirtual_gpuRange14.0–14.4

AND

citrixhypervisorMatch-

linuxlinux_kernelMatch-

redhatenterprise_linux_kernel-based_virtual_machineMatch-

vmwarevsphereMatch-

Node

nvidiacloud_gamingRange<525.60.11

AND

linuxlinux_kernelMatch-

Node

nvidiacloud_gamingRange<525.60.12

AND

citrixhypervisorMatch-

redhatenterprise_linux_kernel-based_virtual_machineMatch-

Node

debiandebian_linuxMatch10.0

VendorProductVersionCPE
nvidiageforce-cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*
nvidianvs-cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*
nvidiaquadro-cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*
nvidiartx-cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*
nvidiagpu_display_driver*cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*
nvidiatesla-cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*
nvidiavirtual_gpu*cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
citrixhypervisor-cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
redhatenterprise_linux_kernel-based_virtual_machine-cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nvidia	geforce	-	cpe:2.3:a:nvidia:geforce:-:::::::*
nvidia	nvs	-	cpe:2.3:a:nvidia:nvs:-:::::::*
nvidia	quadro	-	cpe:2.3:a:nvidia:quadro:-:::::::*
nvidia	rtx	-	cpe:2.3:a:nvidia:rtx:-:::::::*
nvidia	gpu_display_driver	*	cpe:2.3:a:nvidia:gpu_display_driver::::::linux::*
nvidia	tesla	-	cpe:2.3:a:nvidia:tesla:-:::::::*
nvidia	virtual_gpu	*	cpe:2.3:a:nvidia:virtual_gpu::::::::
citrix	hypervisor	-	cpe:2.3:o:citrix:hypervisor:-:::::::*
linux	linux_kernel	-	cpe:2.3:o:linux:linux_kernel:-:::::::*
redhat	enterprise_linux_kernel-based_virtual_machine	-	cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:::::::*

Rows per page:

1-10 of 131

CNA Affected

[
  {
    "vendor": "NVIDIA",
    "product": "vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)",
    "versions": [
      {
        "version": "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release",
        "status": "affected"
      }
    ]
  }
]