7.8
CVE-2022-42260
- EPSS 0.16%
- Published 30.12.2022 23:15:11
- Last modified 21.11.2024 07:24:36
- Source psirt@nvidia.com
- Teams watchlist Login
- Open Login
NVIDIA vGPU Display Driver for Linux guest contains a vulnerability in a D-Bus configuration file, where an unauthorized user in the guest VM can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.
Data is provided by the National Vulnerability Database (NVD)
Nvidia ≫ Virtual Gpu Version < 11.11
Citrix ≫ Hypervisor Version-
Linux ≫ Linux Kernel Version-
Redhat ≫ Enterprise Linux Kernel-based Virtual Machine Version-
VMware ≫ Vsphere Version-
Linux ≫ Linux Kernel Version-
Redhat ≫ Enterprise Linux Kernel-based Virtual Machine Version-
VMware ≫ Vsphere Version-
Nvidia ≫ Virtual Gpu Version >= 12.0 < 13.6
Citrix ≫ Hypervisor Version-
Linux ≫ Linux Kernel Version-
Redhat ≫ Enterprise Linux Kernel-based Virtual Machine Version-
VMware ≫ Vsphere Version-
Linux ≫ Linux Kernel Version-
Redhat ≫ Enterprise Linux Kernel-based Virtual Machine Version-
VMware ≫ Vsphere Version-
Nvidia ≫ Virtual Gpu Version >= 14.0 < 14.4
Citrix ≫ Hypervisor Version-
Linux ≫ Linux Kernel Version-
Redhat ≫ Enterprise Linux Kernel-based Virtual Machine Version-
VMware ≫ Vsphere Version-
Linux ≫ Linux Kernel Version-
Redhat ≫ Enterprise Linux Kernel-based Virtual Machine Version-
VMware ≫ Vsphere Version-
Nvidia ≫ Cloud Gaming Version < 525.60.11
Nvidia ≫ Gpu Display Driver SwPlatformlinux Version >= 470 < 470.161.03
Nvidia ≫ Gpu Display Driver SwPlatformlinux Version >= 510 < 510.108.03
Nvidia ≫ Gpu Display Driver SwPlatformlinux Version >= 450 < 450.216.04
Nvidia ≫ Gpu Display Driver SwPlatformlinux Version >= 470 < 470.161.03
Nvidia ≫ Gpu Display Driver SwPlatformlinux Version >= 510 < 510.108.03
Nvidia ≫ Cloud Gaming Version < 525.60.12
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 0.16% | 0.378 |
Source | Base Score | Exploit Score | Impact Score | Vector string |
---|---|---|---|---|
nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
psirt@nvidia.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-281 Improper Preservation of Permissions
The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.