CVE-2022-28188: Input Validation
First published: Tue May 17 2022(Updated: )
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where the product receives input or data, but does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly, which may lead to denial of service.
Credit: psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nvidia Gpu Display Driver | ||
| NVIDIA Virtual GPU | >=11.0<11.8 | |
| NVIDIA Virtual GPU | >=13.0<13.3 | |
| NVIDIA Virtual GPU | =14.0 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-28188?
CVE-2022-28188 is a vulnerability in the NVIDIA GPU Display Driver for Windows.
What is the severity of CVE-2022-28188?
CVE-2022-28188 has a severity rating of medium (5.5).
Which software is affected by CVE-2022-28188?
The NVIDIA GPU Display Driver for Windows, NVIDIA Virtual GPU 11.0 to 11.8, NVIDIA Virtual GPU 13.0 to 13.3, and NVIDIA Virtual GPU 14.0 are affected by CVE-2022-28188.
How does CVE-2022-28188 affect Microsoft Windows?
CVE-2022-28188 does not affect Microsoft Windows.
Is there a fix for CVE-2022-28188?
Please refer to the provided reference for information on how to fix CVE-2022-28188.
- collector/nvd-index
- vendor/nvidia
- canonical/nvidia gpu display driver
- canonical/nvidia virtual gpu
- version/nvidia virtual gpu/11.0
- version/nvidia virtual gpu/13.0
- version/nvidia virtual gpu/14.0
- vendor/microsoft
- canonical/microsoft windows