CVE-2022-34674

CVE Database · CVE-2022-34674

CVE-2022-34674

· MEDIUMModified

CVSS v3.1

6.8

EPSS

0.27%

Published

Dec 30, 2022

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical pages than were requested, which may lead to undefined behavior or an information leak.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Weaknesses (CWE)

CWE-200

Affected Products (28)

nvidia · gpu_display_driver (up to 390.157)vulnerable

nvidia · gpu_display_driver (up to 470.161.03)vulnerable

nvidia · gpu_display_driver (up to 510.108.03)vulnerable

nvidia · gpu_display_driver (up to 515.86.01)vulnerable

nvidia · gpu_display_driver (up to 525.60.11)vulnerable

nvidia · geforce

nvidia · nvs

nvidia · quadro

nvidia · rtx

nvidia · gpu_display_driver (up to 450.216.04)

References (6)

https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html

Mailing List

https://nvidia.custhelp.com/app/answers/detail/a_id/5415

Vendor Advisory

https://security.gentoo.org/glsa/202310-02

Third Party Advisory