CVE-2022-34684
First published: Fri Dec 30 2022(Updated: )
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an off-by-one error may lead to data tampering or information disclosure.
Credit: psirt@nvidia.com psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NVIDIA Virtual GPU | <11.11 | |
| NVIDIA Virtual GPU | >=12.0<13.6 | |
| NVIDIA Virtual GPU | >=14.0<14.4 | |
| Citrix Hypervisor | ||
| Linux Linux kernel | ||
| Redhat Enterprise Linux Kernel-based Virtual Machine | ||
| VMware vSphere | ||
| Nvidia Cloud Gaming | <525.60.11 | |
| Nvidia Cloud Gaming | <525.60.12 | |
| Nvidia Gpu Display Driver | >=510<510.108.03 | |
| Nvidia Gpu Display Driver | >=515<515.86.01 | |
| Nvidia Geforce | ||
| Nvidia Nvs | ||
| Nvidia Quadro | ||
| Nvidia Rtx | ||
| Nvidia Tesla |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this NVIDIA GPU Display Driver vulnerability?
The vulnerability ID is CVE-2022-34684.
What is the severity level of CVE-2022-34684?
The severity level of CVE-2022-34684 is high with a score of 7.1.
What is the affected software for CVE-2022-34684?
The affected software for CVE-2022-34684 includes Nvidia Virtual Gpu (up to version 11.11), Nvidia Virtual Gpu (between versions 12.0 and 13.6), Nvidia Virtual Gpu (between versions 14.0 and 14.4), and Nvidia Gpu Display Driver (between versions 510 and 510.108.03 on Linux).
What is the description of CVE-2022-34684?
CVE-2022-34684 is a vulnerability in the NVIDIA GPU Display Driver for Linux that allows an off-by-one error, potentially leading to data tampering or information disclosure.
Where can I find more information about CVE-2022-34684?
You can find more information about CVE-2022-34684 on the NVIDIA website at https://nvidia.custhelp.com/app/answers/detail/a_id/5415 and the Gentoo Linux Security Advisory website at https://security.gentoo.org/glsa/202310-02.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-api
- collector/nvd-index
- vendor/nvidia
- canonical/nvidia virtual gpu
- version/nvidia virtual gpu/12.0
- version/nvidia virtual gpu/14.0
- vendor/citrix
- canonical/citrix hypervisor
- vendor/linux
- canonical/linux linux kernel
- vendor/redhat
- canonical/redhat enterprise linux kernel-based virtual machine
- vendor/vmware
- canonical/vmware vsphere
- canonical/nvidia cloud gaming
- canonical/nvidia gpu display driver
- version/nvidia gpu display driver/510
- version/nvidia gpu display driver/515
- canonical/nvidia geforce
- canonical/nvidia nvs
- canonical/nvidia quadro
- canonical/nvidia rtx
- canonical/nvidia tesla