← Back

CVE-2022-28184

nvd nist
Published: May 17, 2022Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an unprivileged regular user can access administrator- privileged registers, which may lead to denial of service, information disclosure, and data tampering.

Affected (5)

Nvidia
2 products
Gpu Display Driver
Virtual Gpu
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Nvidia
Gpu Display Driver
All versions
Gpu Display Driver
All versions
Nvidia
Virtual Gpu
From 11.0 to 11.8
Virtual Gpu
From 13.0 to 13.3
Virtual Gpu
Version 14.0

Related CWEs

CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (4)

Source: psirt@nvidia.com
PatchVendor Advisory
Source: psirt@nvidia.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.