fkie_nvd - fkie_cve-2022-34671

fkie_cve-2022-34671

Vulnerability from fkie_nvd

Published

2022-12-30 23:15

Modified

2025-02-13 17:15

Severity ?

8.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user-mode layer, where an unprivileged user can cause an out-of-bounds write, which may lead to code execution, information disclosure, and denial of service.

References

URL	Tags
psirt@nvidia.com	https://nvidia.custhelp.com/app/answers/detail/a_id/5415	Vendor Advisory
psirt@nvidia.com	https://nvidia.custhelp.com/app/answers/detail/a_id/5468
psirt@nvidia.com	https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1719
psirt@nvidia.com	https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1720
psirt@nvidia.com	https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1721
af854a3a-2127-422b-91ae-364da2661108	https://nvidia.custhelp.com/app/answers/detail/a_id/5415	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://nvidia.custhelp.com/app/answers/detail/a_id/5468
af854a3a-2127-422b-91ae-364da2661108	https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1719
af854a3a-2127-422b-91ae-364da2661108	https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1720
af854a3a-2127-422b-91ae-364da2661108	https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1721

Impacted products

Vendor	Product	Version
nvidia	gpu_display_driver	*
nvidia	gpu_display_driver	*
nvidia	gpu_display_driver	*
nvidia	gpu_display_driver	*
nvidia	nvs	-
nvidia	quadro	-
nvidia	rtx	-
nvidia	gpu_display_driver	*
nvidia	gpu_display_driver	*
nvidia	gpu_display_driver	*
nvidia	gpu_display_driver	*
nvidia	gpu_display_driver	*
nvidia	tesla	-
nvidia	gpu_display_driver	*
nvidia	studio	-
nvidia	gpu_display_driver	*
nvidia	gpu_display_driver	*
nvidia	geforce	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "B19EABAD-2FA5-4C85-AF5A-86A92934E21F",
              "versionEndExcluding": "474.14",
              "versionStartIncluding": "470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "92FDDB0C-1F5B-4559-8ACA-F7D889379384",
              "versionEndExcluding": "514.08",
              "versionStartIncluding": "510",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "7CD854B9-D2EA-4797-8CD6-5CE7BF431EDC",
              "versionEndExcluding": "517.88",
              "versionStartIncluding": "515",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "EFC7E8ED-C6D0-4ADB-B914-850B86E85DC6",
              "versionEndExcluding": "527.27",
              "versionStartIncluding": "525",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "333646B0-AAD5-4DD7-8940-6334D0A8E77C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "1B6ED659-FE16-4240-AB72-F33BCEB67616",
              "versionEndExcluding": "454.02",
              "versionStartIncluding": "450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "B19EABAD-2FA5-4C85-AF5A-86A92934E21F",
              "versionEndExcluding": "474.14",
              "versionStartIncluding": "470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "92FDDB0C-1F5B-4559-8ACA-F7D889379384",
              "versionEndExcluding": "514.08",
              "versionStartIncluding": "510",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "E7C44AD7-7797-4CB6-B6B7-59176B72E417",
              "versionEndIncluding": "517.88",
              "versionStartIncluding": "515",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "E07CE5FB-5FE4-449B-9A8C-FE3836F355D2",
              "versionEndExcluding": "527.41",
              "versionStartIncluding": "525",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D135086F-CA5E-4242-ACBA-C3AC82F4BE03",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "FF62D74B-A5A4-4A81-9D00-DDA6A8A1F05D",
              "versionEndExcluding": "526.98",
              "versionStartIncluding": "525",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "B19EABAD-2FA5-4C85-AF5A-86A92934E21F",
              "versionEndExcluding": "474.14",
              "versionStartIncluding": "470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "FF62D74B-A5A4-4A81-9D00-DDA6A8A1F05D",
              "versionEndExcluding": "526.98",
              "versionStartIncluding": "525",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DE5CC2-3787-4605-8EFA-77590E36E960",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the user-mode layer, where an unprivileged user can cause an out-of-bounds write, which may lead to code execution, information disclosure, and denial of service."
    },
    {
      "lang": "es",
      "value": "NVIDIA GPU Display Driver para Windows contiene una vulnerabilidad en la capa de modo de usuario, donde un usuario sin privilegios puede provocar una escritura fuera de los l\u00edmites, lo que puede provocar la ejecuci\u00f3n de c\u00f3digo, la divulgaci\u00f3n de informaci\u00f3n y la Denegaci\u00f3n de Servicio (DoS)."
    }
  ],
  "id": "CVE-2022-34671",
  "lastModified": "2025-02-13T17:15:41.260",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 6.0,
        "source": "psirt@nvidia.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-12-30T23:15:09.430",
  "references": [
    {
      "source": "psirt@nvidia.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5415"
    },
    {
      "source": "psirt@nvidia.com",
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5468"
    },
    {
      "source": "psirt@nvidia.com",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1719"
    },
    {
      "source": "psirt@nvidia.com",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1720"
    },
    {
      "source": "psirt@nvidia.com",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5415"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5468"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1719"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1720"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1721"
    }
  ],
  "sourceIdentifier": "psirt@nvidia.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "psirt@nvidia.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2022-34671 (GCVE-0-2022-34671)

Vulnerability from cvelistv5

Published

2022-12-30 00:00

Modified

2025-04-11 15:43

Severity ?

8.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-787 - Out-of-bounds Write