CVE-2022-34680
First published: Fri Dec 30 2022(Updated: )
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an integer truncation can lead to an out-of-bounds read, which may lead to denial of service.
Credit: psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NVIDIA GPU Display Driver Linux | >=390<390.157 | |
| NVIDIA GPU Display Driver Linux | >=470<470.161.03 | |
| NVIDIA GPU Display Driver Linux | >=510<510.108.03 | |
| NVIDIA GPU Display Driver Linux | >=515<515.86.01 | |
| NVIDIA GPU Display Driver Linux | >=525<525.60.11 | |
| NVIDIA GeForce | ||
| NVIDIA NVS Firmware | ||
| NVIDIA Quadro | ||
| NVIDIA RTX | ||
| NVIDIA GPU Display Driver Linux | >=450<450.216.04 | |
| NVIDIA tesla | ||
| NVIDIA Cloud Gaming | <525.60.12 | |
| Citrix Hypervisor | ||
| Red Hat Enterprise Linux Kernel-based Virtual Machine | ||
| NVIDIA vGPU Software | <11.11 | |
| NVIDIA vGPU Software | >=12.0<13.6 | |
| NVIDIA vGPU Software | >=14.0<14.4 | |
| Linux kernel | ||
| VMware vSphere | ||
| NVIDIA Cloud Gaming | <525.60.11 | |
| Debian | =10.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this NVIDIA GPU Display Driver for Linux vulnerability?
The vulnerability ID of this NVIDIA GPU Display Driver for Linux vulnerability is CVE-2022-34680.
What is the severity level of CVE-2022-34680?
The severity level of CVE-2022-34680 is medium with a CVSS score of 5.5.
What is the affected software for CVE-2022-34680?
The affected software for CVE-2022-34680 is the NVIDIA GPU Display Driver for Linux.
How can the NVIDIA GPU Display Driver for Linux vulnerability be exploited?
The vulnerability in the NVIDIA GPU Display Driver for Linux can be exploited through an integer truncation that leads to an out-of-bounds read, potentially causing a denial-of-service.
Are there any known fixes or patches for CVE-2022-34680?
Yes, NVIDIA has released fixes and patches for the vulnerability. Please refer to the references provided for more information.
- agent/weakness
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/author
- collector/nvd-api
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/nvidia
- canonical/nvidia gpu display driver linux
- version/nvidia gpu display driver linux/390
- version/nvidia gpu display driver linux/470
- version/nvidia gpu display driver linux/510
- version/nvidia gpu display driver linux/515
- version/nvidia gpu display driver linux/525
- canonical/nvidia geforce
- canonical/nvidia nvs firmware
- canonical/nvidia quadro
- canonical/nvidia rtx
- version/nvidia gpu display driver linux/450
- canonical/nvidia tesla
- canonical/nvidia cloud gaming
- vendor/citrix
- canonical/citrix hypervisor
- vendor/redhat
- canonical/red hat enterprise linux kernel-based virtual machine
- canonical/nvidia vgpu software
- version/nvidia vgpu software/12.0
- version/nvidia vgpu software/14.0
- vendor/linux
- canonical/linux kernel
- vendor/vmware
- canonical/vmware vsphere
- vendor/debian
- canonical/debian gnu/linux
- version/debian gnu/linux/10.0