What is CVE-2022-28182?

CVE-2022-28182 is a vulnerability in the NVIDIA GPU Display Driver for Windows, specifically in the DirectX11 user mode driver (nvwgf2um/x.dll).

What is the severity of CVE-2022-28182?

The severity of CVE-2022-28182 is high, with a CVSS score of 8.5.

How does CVE-2022-28182 impact the affected software?

CVE-2022-28182 allows an unauthorized attacker on the network to cause an out-of-bounds write in the NVIDIA GPU Display Driver, potentially leading to code execution, denial of service, or escalation of privileges.

Which software versions are affected by CVE-2022-28182?

NVIDIA GPU Display Driver for Windows versions, NVIDIA Virtual GPU versions 11.0 to 11.8 and 13.0 to 13.3, and NVIDIA Virtual GPU version 14.0 are affected by CVE-2022-28182.

How can I fix CVE-2022-28182?

To mitigate CVE-2022-28182, it is recommended to update to the latest version of the NVIDIA GPU Display Driver for Windows and NVIDIA Virtual GPU.

Vulnerability/
CVE-2022-28182

high

8.5

CWE

787

17/5/2022

26/5/2022

CVE-2022-28182

First published: Tue May 17 2022(Updated: )

NVIDIA GPU Display Driver for Windows contains a vulnerability in the DirectX11 user mode driver (nvwgf2um/x.dll), where an unauthorized attacker on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution to cause denial of service, escalation of privileges, information disclosure, and data tampering. The scope of the impact may extend to other components.

Credit: psirt@nvidia.com

Affected Software	Affected Version	How to fix
Nvidia Gpu Display Driver
NVIDIA Virtual GPU	>=11.0<11.8
NVIDIA Virtual GPU	>=13.0<13.3
NVIDIA Virtual GPU	=14.0
Microsoft Windows

Never miss a vulnerability like this again

Reference Links

https://nvidia.custhelp.com/app/answers/detail/a_id/5353

Frequently Asked Questions

What is CVE-2022-28182?
CVE-2022-28182 is a vulnerability in the NVIDIA GPU Display Driver for Windows, specifically in the DirectX11 user mode driver (nvwgf2um/x.dll).
What is the severity of CVE-2022-28182?
The severity of CVE-2022-28182 is high, with a CVSS score of 8.5.
How does CVE-2022-28182 impact the affected software?
CVE-2022-28182 allows an unauthorized attacker on the network to cause an out-of-bounds write in the NVIDIA GPU Display Driver, potentially leading to code execution, denial of service, or escalation of privileges.
Which software versions are affected by CVE-2022-28182?
NVIDIA GPU Display Driver for Windows versions, NVIDIA Virtual GPU versions 11.0 to 11.8 and 13.0 to 13.3, and NVIDIA Virtual GPU version 14.0 are affected by CVE-2022-28182.
How can I fix CVE-2022-28182?
To mitigate CVE-2022-28182, it is recommended to update to the latest version of the NVIDIA GPU Display Driver for Windows and NVIDIA Virtual GPU.

collector/nvd-index
vendor/nvidia
canonical/nvidia gpu display driver
canonical/nvidia virtual gpu
version/nvidia virtual gpu/11.0
version/nvidia virtual gpu/13.0
version/nvidia virtual gpu/14.0
vendor/microsoft
canonical/microsoft windows

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.