Denial of Service Vulnerability in NVIDIA Display Driver for Linux
CVE-2022-34675

5.5MEDIUM

Key Information:

Vendor: Nvidia
Status: Vgpu Software (virtual Gpu Manager), Nvidia Cloud Gaming (virtual Gpu Manager)
Vendor: CVE Published:; 30 December 2022

Summary

The NVIDIA Display Driver for Linux is affected by a vulnerability in the Virtual GPU Manager, which arises from inadequate checks on the return value from a null-pointer dereference. This oversight may allow an attacker to exploit the vulnerability, resulting in a denial of service, thereby affecting the availability and performance of applications that depend upon the GPU resources.

Affected Version(s)

vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (Virtual GPU Manager) All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5415

https://lists.debian.org/debian-lts-announce/2023/05/msg0...

mailing-list

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 30, 2022
Vulnerability Reserved
Jun 27, 2022