First published: Fri Dec 30 2022(Updated: )
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause a null-pointer dereference, which may lead to denial of service.
Credit: psirt@nvidia.com psirt@nvidia.com
Affected Software | Affected Version | How to fix |
---|---|---|
NVIDIA Virtual GPU | <11.11 | |
NVIDIA Virtual GPU | >=12.0<13.6 | |
NVIDIA Virtual GPU | >=14.0<14.4 | |
Citrix Hypervisor | ||
Linux Linux kernel | ||
Redhat Enterprise Linux Kernel-based Virtual Machine | ||
VMware vSphere | ||
Nvidia Cloud Gaming | <525.60.11 | |
Nvidia Cloud Gaming | <525.60.12 | |
NVIDIA Virtual GPU | >=13.0<13.6 | |
Microsoft Windows | ||
Nvidia Cloud Gaming | <527.27 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-34678 is a vulnerability in the NVIDIA GPU Display Driver for Windows and Linux that allows an unprivileged user to cause a null-pointer dereference, leading to denial of service.
NVIDIA Virtual GPU versions 11.11, 12.0 - 13.5, 14.0 - 14.3, NVIDIA Cloud Gaming versions up to 525.60.12 are affected by CVE-2022-34678.
CVE-2022-34678 has a severity rating of medium with a score of 5.5.
To mitigate CVE-2022-34678, it is recommended to update to the latest version of the affected software provided by NVIDIA.
More information about CVE-2022-34678 can be found at the following references: [link1](https://nvidia.custhelp.com/app/answers/detail/a_id/5415), [link2](https://security.gentoo.org/glsa/202310-02).