User-Mode Layer Vulnerability in NVIDIA GPU Display Driver for Windows
CVE-2022-34671

8.5HIGH

Key Information:

Vendor: Nvidia
Status: Nvidia Gpu Display Driver For Windows
Vendor: CVE Published:; 30 December 2022

Summary

The NVIDIA GPU Display Driver for Windows has a vulnerability in its user-mode layer that allows an unprivileged user to manipulate memory, potentially leading to an out-of-bounds write. This can result in unauthorized code execution, revealing sensitive information, or causing denial of service. The issue underscores the importance of keeping GPU drivers up to date to mitigate risks associated with potential exploitation.

Affected Version(s)

NVIDIA GPU Display Driver for Windows All versions prior to and including 15.2, 13.7, and 11.12, and all versions prior to and including the May 2023 release

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5415

https://nvidia.custhelp.com/app/answers/detail/a_id/5468

https://www.talosintelligence.com/vulnerability_reports/T...

CVSS V3.1

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Dec 30, 2022
Vulnerability Reserved
Jun 27, 2022