CVE-2022-34680
First published: Fri Dec 30 2022(Updated: )
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an integer truncation can lead to an out-of-bounds read, which may lead to denial of service.
Credit: psirt@nvidia.com psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nvidia Gpu Display Driver | >=390<390.157 | |
| Nvidia Gpu Display Driver | >=470<470.161.03 | |
| Nvidia Gpu Display Driver | >=510<510.108.03 | |
| Nvidia Gpu Display Driver | >=515<515.86.01 | |
| Nvidia Gpu Display Driver | >=525<525.60.11 | |
| Nvidia Geforce | ||
| Nvidia Nvs | ||
| Nvidia Quadro | ||
| Nvidia Rtx | ||
| Nvidia Gpu Display Driver | >=450<450.216.04 | |
| Nvidia Tesla | ||
| Nvidia Cloud Gaming | <525.60.12 | |
| Citrix Hypervisor | ||
| Redhat Enterprise Linux Kernel-based Virtual Machine | ||
| NVIDIA Virtual GPU | <11.11 | |
| NVIDIA Virtual GPU | >=12.0<13.6 | |
| NVIDIA Virtual GPU | >=14.0<14.4 | |
| Linux Linux kernel | ||
| VMware vSphere | ||
| Nvidia Cloud Gaming | <525.60.11 | |
| Debian Debian Linux | =10.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this NVIDIA GPU Display Driver for Linux vulnerability?
The vulnerability ID of this NVIDIA GPU Display Driver for Linux vulnerability is CVE-2022-34680.
What is the severity level of CVE-2022-34680?
The severity level of CVE-2022-34680 is medium with a CVSS score of 5.5.
What is the affected software for CVE-2022-34680?
The affected software for CVE-2022-34680 is the NVIDIA GPU Display Driver for Linux.
How can the NVIDIA GPU Display Driver for Linux vulnerability be exploited?
The vulnerability in the NVIDIA GPU Display Driver for Linux can be exploited through an integer truncation that leads to an out-of-bounds read, potentially causing a denial-of-service.
Are there any known fixes or patches for CVE-2022-34680?
Yes, NVIDIA has released fixes and patches for the vulnerability. Please refer to the references provided for more information.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-api
- collector/nvd-index
- vendor/nvidia
- canonical/nvidia gpu display driver
- version/nvidia gpu display driver/390
- version/nvidia gpu display driver/470
- version/nvidia gpu display driver/510
- version/nvidia gpu display driver/515
- version/nvidia gpu display driver/525
- canonical/nvidia geforce
- canonical/nvidia nvs
- canonical/nvidia quadro
- canonical/nvidia rtx
- version/nvidia gpu display driver/450
- canonical/nvidia tesla
- canonical/nvidia cloud gaming
- vendor/citrix
- canonical/citrix hypervisor
- vendor/redhat
- canonical/redhat enterprise linux kernel-based virtual machine
- canonical/nvidia virtual gpu
- version/nvidia virtual gpu/12.0
- version/nvidia virtual gpu/14.0
- vendor/linux
- canonical/linux linux kernel
- vendor/vmware
- canonical/vmware vsphere
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/10.0