CVE-2022-42266

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an unprivileged regular user can cause exposure of sensitive information to an actor that is not explicitly authorized to have access to that information, which may lead to limited information disclosure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvidiaCNA
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 24%
VendorProductVersion
nvidiavirtual_gpu
𝑥
< 11.11
nvidiavirtual_gpu
13.0 ≤
𝑥
< 13.6
nvidiavirtual_gpu
14.0 ≤
𝑥
< 14.4
nvidiacloud_gaming
𝑥
< 527.27
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://nvidia.custhelp.com/app/answers/detail/a_id/5415
https://nvidia.custhelp.com/app/answers/detail/a_id/5415