7.1
CVE-2022-31616
- EPSS 0.07%
- Published 19.11.2022 00:15:26
- Last modified 21.11.2024 07:04:51
- Source psirt@nvidia.com
- Teams watchlist Login
- Open Login
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a local user with basic capabilities can cause an out-of-bounds read, which may lead to denial of service, or information disclosure.
Data is provided by the National Vulnerability Database (NVD)
Nvidia ≫ Gpu Display Driver SwPlatformwindows Version >= 471.11 < 473.81
Nvidia ≫ Gpu Display Driver SwPlatformwindows Version >= 516.25 < 516.94
Nvidia ≫ Virtual Gpu Version >= 11.0 < 11.8
Nvidia ≫ Virtual Gpu Version >= 13.0 < 13.3
Nvidia ≫ Virtual Gpu Version14.0
Nvidia ≫ Cloud Gaming Guest Version < 516.94
Nvidia ≫ Gpu Display Driver SwPlatformwindows Version >= 516.25 < 516.94
Nvidia ≫ Gpu Display Driver SwPlatformwindows Version >= 471.11 < 473.81
Nvidia ≫ Gpu Display Driver SwPlatformwindows Version >= 511.09 < 513.46
Nvidia ≫ Gpu Display Driver SwPlatformwindows Version >= 516.25 < 516.94
Nvidia ≫ Gpu Display Driver SwPlatformwindows Version >= 451.48 < 453.64
Nvidia ≫ Gpu Display Driver SwPlatformwindows Version >= 471.11 < 472.81
Nvidia ≫ Gpu Display Driver SwPlatformwindows Version >= 511.09 < 513.46
Nvidia ≫ Gpu Display Driver SwPlatformwindows Version >= 516.25 < 516.94
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.207 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.1 | 1.8 | 5.2 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
|
| psirt@nvidia.com | 6.1 | 1.8 | 4.2 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.