Vulnerability Description
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. The scope of the impact may extend to other components.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nvidia | Virtual Gpu | >= 11.0, < 11.8 |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
| Nvidia | Gpu Display Driver | - |
Related Weaknesses (CWE)
References
- https://nvidia.custhelp.com/app/answers/detail/a_id/5353PatchVendor Advisory
- https://security.gentoo.org/glsa/202310-02Third Party Advisory
- https://nvidia.custhelp.com/app/answers/detail/a_id/5353PatchVendor Advisory
- https://security.gentoo.org/glsa/202310-02Third Party Advisory
FAQ
What is CVE-2022-28181?
CVE-2022-28181 is a vulnerability with a CVSS score of 8.5 (HIGH). NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a speciall...
How severe is CVE-2022-28181?
CVE-2022-28181 has been rated HIGH with a CVSS base score of 8.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-28181?
Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Virtual Gpu, Linux Linux Kernel, Microsoft Windows, Nvidia Gpu Display Driver.