Lucene search
NvidiaCVE-2022-42256HistoryDec 30, 2022 - 11:15 p.m.
CVE-2022-42256
2022-12-3023:15:10
CWE-190
nvidia
web.nvd.nist.gov
47
nvidia
gpu
display driver
linux
vulnerability
cve-2022-42256
kernel mode
integer overflow
denial of service
information disclosure
data tampering
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.6
Confidence
High
EPSS
0
Percentile
13.0%
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow in index validation may lead to denial of service, information disclosure, or data tampering.
Affected configurations
Node
nvidiavirtual_gpuRange<11.11
ORnvidiavirtual_gpuRange12.0–13.6
ORnvidiavirtual_gpuRange14.0–14.4
citrixhypervisorMatch-
ORlinuxlinux_kernelMatch-
ORredhatenterprise_linux_kernel-based_virtual_machineMatch-
ORvmwarevsphereMatch-
Node
nvidiacloud_gamingRange<525.60.11
linuxlinux_kernelMatch-
Node
nvidiacloud_gamingRange<525.60.12
citrixhypervisorMatch-
ORredhatenterprise_linux_kernel-based_virtual_machineMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| nvidia | virtual_gpu | * | cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:* |
| citrix | hypervisor | - | cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:* |
| linux | linux_kernel | - | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
| redhat | enterprise_linux_kernel-based_virtual_machine | - | cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:* |
| vmware | vsphere | - | cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:* |
| nvidia | cloud_gaming | * | cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "NVIDIA",
"product": "vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)",
"versions": [
{
"version": "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release",
"status": "affected"
}
]
}
]Related
cvelist
cvelist
CVE-2022-42256
2022-12-30 00:00:00
prion
prion
Integer overflow
2022-12-30 23:15:00
nvd
nvd
CVE-2022-42256
2022-12-30 23:15:10
ubuntucve
ubuntucve
CVE-2022-42256
2022-12-30 00:00:00
debiancve
debiancve
CVE-2022-42256
2022-12-30 23:15:10
nessus
nessus
NVIDIA Linux GPU Display Driver (Nov 2022)
2022-12-02 00:00:00
NVIDIA Virtual GPU Manager Multiple Vulnerabilities (November 2022)
2023-09-14 00:00:00
GLSA-202310-02 : NVIDIA Drivers: Multiple Vulnerabilities
2023-10-03 00:00:00
nvidia
nvidia
Security Bulletin: NVIDIA GPU Display Driver - November 2022
2022-11-29 00:00:00
gentoo
gentoo
NVIDIA Drivers: Multiple Vulnerabilities
2023-10-03 00:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.6
Confidence
High
EPSS
0
Percentile
13.0%
Related for CVE-2022-42256