Out-of-Bounds Read Vulnerability in NVIDIA GPU Display Driver for Windows
CVE-2022-42267

7HIGH

Key Information:

Vendor: Nvidia
Status: Nvidia Gpu Display Driver For Windows
Vendor: CVE Published:; 30 December 2022

Summary

The NVIDIA GPU Display Driver for Windows has a vulnerability that allows an ordinary user to trigger an out-of-bounds read. This could potentially allow malicious actors to execute arbitrary code, leading to unauthorized access or control over affected systems. The vulnerability may also cause denial of service, escalate privileges, or lead to possible disclosure of sensitive information. It is crucial for users and organizations relying on NVIDIA GPU drivers to assess their exposure and implement appropriate security measures.

Affected Version(s)

NVIDIA GPU Display Driver for Windows All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5415

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 30, 2022
Vulnerability Reserved
Oct 3, 2022