CVE-2022-34677
EUVD-2022-3762730.12.2022, 23:15
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| nvidia | gpu_display_driver | 390 ≤ 𝑥 < 390.157 |
| nvidia | gpu_display_driver | 470 ≤ 𝑥 < 470.161.03 |
| nvidia | gpu_display_driver | 510 ≤ 𝑥 < 510.108.03 |
| nvidia | gpu_display_driver | 515 ≤ 𝑥 < 515.86.01 |
| nvidia | gpu_display_driver | 525 ≤ 𝑥 < 525.60.11 |
| nvidia | gpu_display_driver | 450 ≤ 𝑥 < 450.216.04 |
| nvidia | gpu_display_driver | 470 ≤ 𝑥 < 470.161.03 |
| nvidia | gpu_display_driver | 510 ≤ 𝑥 < 510.108.03 |
| nvidia | gpu_display_driver | 515 ≤ 𝑥 < 515.86.01 |
| nvidia | gpu_display_driver | 525 ≤ 𝑥 < 525.60.11 |
| nvidia | cloud_gaming | 𝑥 < 525.60.12 |
| nvidia | virtual_gpu | 𝑥 < 11.11 |
| nvidia | virtual_gpu | 12.0 ≤ 𝑥 < 13.6 |
| nvidia | virtual_gpu | 14.0 ≤ 𝑥 < 14.4 |
| nvidia | cloud_gaming | 𝑥 < 525.60.11 |
| debian | debian_linux | 10.0 |
𝑥
= Vulnerable software versions
Debian Releases
Debian Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| nvidia-graphics-drivers |
| ||||||||||||
| nvidia-graphics-drivers-legacy-340xx |
| ||||||||||||
| nvidia-graphics-drivers-legacy-390xx |
| ||||||||||||
| nvidia-graphics-drivers-tesla |
| ||||||||||||
| nvidia-graphics-drivers-tesla-418 |
| ||||||||||||
| nvidia-graphics-drivers-tesla-450 |
| ||||||||||||
| nvidia-graphics-drivers-tesla-460 |
| ||||||||||||
| nvidia-graphics-drivers-tesla-470 |
| ||||||||||||
| nvidia-open-gpu-kernel-modules |
|
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| nvidia-graphics-drivers-304 |
| ||||||||||||||||||
| nvidia-graphics-drivers-304-updates |
| ||||||||||||||||||
| nvidia-graphics-drivers-340 |
| ||||||||||||||||||
| nvidia-graphics-drivers-340-updates |
| ||||||||||||||||||
| nvidia-graphics-drivers-352 |
| ||||||||||||||||||
| nvidia-graphics-drivers-352-updates |
| ||||||||||||||||||
| nvidia-graphics-drivers-361 |
| ||||||||||||||||||
| nvidia-graphics-drivers-367 |
| ||||||||||||||||||
| nvidia-graphics-drivers-375 |
| ||||||||||||||||||
| nvidia-graphics-drivers-384 |
| ||||||||||||||||||
| nvidia-graphics-drivers-390 |
| ||||||||||||||||||
| nvidia-graphics-drivers-418-server |
| ||||||||||||||||||
| nvidia-graphics-drivers-430 |
| ||||||||||||||||||
| nvidia-graphics-drivers-435 |
| ||||||||||||||||||
| nvidia-graphics-drivers-440 |
| ||||||||||||||||||
| nvidia-graphics-drivers-440-server |
| ||||||||||||||||||
| nvidia-graphics-drivers-450 |
| ||||||||||||||||||
| nvidia-graphics-drivers-450-server |
| ||||||||||||||||||
| nvidia-graphics-drivers-455 |
| ||||||||||||||||||
| nvidia-graphics-drivers-460 |
| ||||||||||||||||||
| nvidia-graphics-drivers-460-server |
| ||||||||||||||||||
| nvidia-graphics-drivers-470 |
| ||||||||||||||||||
| nvidia-graphics-drivers-470-server |
| ||||||||||||||||||
| nvidia-graphics-drivers-495 |
| ||||||||||||||||||
| nvidia-graphics-drivers-510 |
| ||||||||||||||||||
| nvidia-graphics-drivers-510-server |
| ||||||||||||||||||
| nvidia-graphics-drivers-515 |
| ||||||||||||||||||
| nvidia-graphics-drivers-515-server |
|
Common Weakness Enumeration
- CWE-125 - Out-of-bounds ReadThe software reads data past the end, or before the beginning, of the intended buffer.
- CWE-681 - Incorrect Conversion between Numeric TypesWhen converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.
References