CVE-2022-21814 — MEDIUM (6.1)

Vulnerability Description

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.

CVSS Score

6.1

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

LOW

Availability

HIGH

Affected Products

Vendor	Product	Versions
Nvidia	Geforce	-
Nvidia	Gpu Display Driver	-
Nvidia	Nvs	-
Nvidia	Quadro	-
Nvidia	Rtx	-
Nvidia	Tesla	-
Linux	Linux Kernel	-

Related Weaknesses (CWE)

CWE-280 CWE-755

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5312Vendor Advisory
https://security.gentoo.org/glsa/202310-02Third Party Advisory
https://nvidia.custhelp.com/app/answers/detail/a_id/5312Vendor Advisory
https://security.gentoo.org/glsa/202310-02Third Party Advisory

FAQ

What is CVE-2022-21814?

CVE-2022-21814 is a vulnerability with a CVSS score of 6.1 (MEDIUM). NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limite...

How severe is CVE-2022-21814?

CVE-2022-21814 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-21814?

Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Geforce, Nvidia Gpu Display Driver, Nvidia Nvs, Nvidia Quadro, Nvidia Rtx.