CVE-2022-42259: Integer Overflow
First published: Fri Dec 30 2022(Updated: )
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service.
Credit: psirt@nvidia.com psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nvidia Gpu Display Driver | >=390<390.157 | |
| Nvidia Gpu Display Driver | >=470<470.161.03 | |
| Nvidia Gpu Display Driver | >=510<510.108.03 | |
| Nvidia Gpu Display Driver | >=515<515.86.01 | |
| Nvidia Gpu Display Driver | >=525<525.60.11 | |
| Nvidia Geforce | ||
| Nvidia Nvs | ||
| Nvidia Quadro | ||
| Nvidia Rtx | ||
| Nvidia Gpu Display Driver | >=450<450.216.04 | |
| Nvidia Tesla | ||
| Nvidia Cloud Gaming | <525.60.12 | |
| Citrix Hypervisor | ||
| Redhat Enterprise Linux Kernel-based Virtual Machine | ||
| NVIDIA Virtual GPU | <11.11 | |
| NVIDIA Virtual GPU | >=12.0<13.6 | |
| NVIDIA Virtual GPU | >=14.0<14.4 | |
| Linux Linux kernel | ||
| VMware vSphere | ||
| Nvidia Cloud Gaming | <525.60.11 | |
| Debian Debian Linux | =10.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-42259?
CVE-2022-42259 is a vulnerability in the NVIDIA GPU Display Driver for Linux that can lead to denial of service due to an integer overflow in the kernel mode layer.
Which software versions are affected by CVE-2022-42259?
CVE-2022-42259 affects NVIDIA GPU Display Driver for Linux versions 390 and 470.
What is the severity of CVE-2022-42259?
CVE-2022-42259 has a severity rating of 5.5 (medium).
How can I fix CVE-2022-42259?
To fix CVE-2022-42259, users should update their NVIDIA GPU Display Driver for Linux to a version that is not affected, such as the latest version.
Where can I find more information about CVE-2022-42259?
You can find more information about CVE-2022-42259 in the following references: [1](https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html), [2](https://nvidia.custhelp.com/app/answers/detail/a_id/5415), [3](https://security.gentoo.org/glsa/202310-02)
- collector/nvd-api
- collector/nvd-index
- vendor/nvidia
- product/gpu display driver
- canonical/nvidia gpu display driver
- product/geforce
- canonical/nvidia geforce
- product/nvs
- canonical/nvidia nvs
- product/quadro
- canonical/nvidia quadro
- product/rtx
- canonical/nvidia rtx
- product/tesla
- canonical/nvidia tesla
- product/cloud gaming
- canonical/nvidia cloud gaming
- vendor/citrix
- product/hypervisor
- canonical/citrix hypervisor
- vendor/redhat
- product/enterprise linux kernel-based virtual machine
- canonical/redhat enterprise linux kernel-based virtual machine
- product/virtual gpu
- canonical/nvidia virtual gpu
- vendor/linux
- product/linux kernel
- canonical/linux linux kernel
- vendor/vmware
- product/vsphere
- canonical/vmware vsphere
- vendor/debian
- product/debian linux
- canonical/debian debian linux