CVE-2022-31607: Input Validation
First published: Fri Nov 18 2022(Updated: )
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure.
Credit: psirt@nvidia.com psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nvidia Gpu Display Driver | >=390<390.154 | |
| Nvidia Gpu Display Driver | >=470<470.141.03 | |
| Nvidia Gpu Display Driver | >=510<510.85.02 | |
| Nvidia Gpu Display Driver | >=515<515.65.01 | |
| Nvidia Geforce | ||
| Nvidia Cloud Gaming Guest | <515.65.01 | |
| Linux Linux kernel | ||
| Nvidia Rtx | ||
| Nvidia Gpu Display Driver | >=450<450.203.03 | |
| Nvidia Tesla |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-31607?
CVE-2022-31607 is a vulnerability in the NVIDIA GPU Display Driver for Linux that allows a local user with basic capabilities to cause improper input validation, leading to denial of service, privilege escalation, data tampering, and limited information disclosure.
Which software is affected by CVE-2022-31607?
The NVIDIA GPU Display Driver for Linux versions between 390 and 390.154, between 470 and 470.141.03, between 510 and 510.85.02, and versions 515 and 515.65.01 are affected by CVE-2022-31607.
How severe is CVE-2022-31607?
CVE-2022-31607 has a severity rating of 7.8 (high).
How can CVE-2022-31607 be fixed?
To fix CVE-2022-31607, NVIDIA users should update to the latest version of the GPU Display Driver for Linux.
Where can I find more information about CVE-2022-31607?
You can find more information about CVE-2022-31607 at the following references: [link1](https://nvidia.custhelp.com/app/answers/detail/a_id/5383), [link2](https://security.gentoo.org/glsa/202310-02)
- collector/nvd-api
- collector/nvd-index
- agent/weakness
- agent/author
- agent/type
- agent/severity
- agent/references
- agent/description
- agent/event
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/nvidia
- canonical/nvidia gpu display driver
- version/nvidia gpu display driver/390
- version/nvidia gpu display driver/470
- version/nvidia gpu display driver/510
- version/nvidia gpu display driver/515
- canonical/nvidia geforce
- canonical/nvidia cloud gaming guest
- vendor/linux
- canonical/linux linux kernel
- canonical/nvidia rtx
- version/nvidia gpu display driver/450
- canonical/nvidia tesla