CVE-2022-34677
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| NVIDIA | vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager) | All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release | affected |
Weaknesses
- CWE-125: CWE-125
ADP Enrichment
CVE Program Container
Additional References
- https://nvidia.custhelp.com/app/answers/detail/a_id/5415
- https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html
- https://security.gentoo.org/glsa/202310-02
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://nvidia.custhelp.com/app/answers/detail/a_id/5415
- https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html
- https://security.gentoo.org/glsa/202310-02
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.