CVE-2022-42258: Integer Overflow
First published: Fri Dec 30 2022(Updated: )
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service, data tampering, or information disclosure.
Credit: psirt@nvidia.com psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nvidia Gpu Display Driver | >=390<390.157 | |
| Nvidia Gpu Display Driver | >=470<470.161.03 | |
| Nvidia Gpu Display Driver | >=510<510.108.03 | |
| Nvidia Gpu Display Driver | >=515<515.86.01 | |
| Nvidia Gpu Display Driver | >=525<525.60.11 | |
| Nvidia Geforce | ||
| Nvidia Nvs | ||
| Nvidia Quadro | ||
| Nvidia Rtx | ||
| Nvidia Gpu Display Driver | >=450<450.216.04 | |
| Nvidia Tesla | ||
| Nvidia Cloud Gaming | <525.60.12 | |
| Citrix Hypervisor | ||
| Redhat Enterprise Linux Kernel-based Virtual Machine | ||
| NVIDIA Virtual GPU | <11.11 | |
| NVIDIA Virtual GPU | >=12.0<13.6 | |
| NVIDIA Virtual GPU | >=14.0<14.4 | |
| Linux Linux kernel | ||
| VMware vSphere | ||
| Nvidia Cloud Gaming | <525.60.11 | |
| Debian Debian Linux | =10.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this NVIDIA GPU Display Driver vulnerability?
The vulnerability ID for this NVIDIA GPU Display Driver vulnerability is CVE-2022-42258.
What is the severity of CVE-2022-42258?
The severity of CVE-2022-42258 is high with a CVSS score of 7.3.
Which software versions are affected by the NVIDIA GPU Display Driver vulnerability?
The NVIDIA GPU Display Driver vulnerability affects versions 390 to 525.60.11 of the NVIDIA GPU Display Driver for Linux.
What are the potential impacts of CVE-2022-42258?
The potential impacts of CVE-2022-42258 include denial of service, data tampering, and information disclosure.
Where can I find more information about CVE-2022-42258?
You can find more information about CVE-2022-42258 at the following references: [link1](https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html), [link2](https://nvidia.custhelp.com/app/answers/detail/a_id/5415), [link3](https://security.gentoo.org/glsa/202310-02).
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/type
- agent/weakness
- collector/nvd-api
- collector/nvd-index
- vendor/nvidia
- canonical/nvidia gpu display driver
- version/nvidia gpu display driver/390
- version/nvidia gpu display driver/470
- version/nvidia gpu display driver/510
- version/nvidia gpu display driver/515
- version/nvidia gpu display driver/525
- canonical/nvidia geforce
- canonical/nvidia nvs
- canonical/nvidia quadro
- canonical/nvidia rtx
- version/nvidia gpu display driver/450
- canonical/nvidia tesla
- canonical/nvidia cloud gaming
- vendor/citrix
- canonical/citrix hypervisor
- vendor/redhat
- canonical/redhat enterprise linux kernel-based virtual machine
- canonical/nvidia virtual gpu
- version/nvidia virtual gpu/12.0
- version/nvidia virtual gpu/14.0
- vendor/linux
- canonical/linux linux kernel
- vendor/vmware
- canonical/vmware vsphere
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/10.0