Vulnerability Description
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nvidia | Gpu Display Driver | >= 390, < 390.154 |
| Nvidia | Geforce | - |
| Nvidia | Cloud Gaming Guest | < 515.65.01 |
| Linux | Linux Kernel | - |
| Nvidia | Rtx | - |
| Nvidia | Tesla | - |
Related Weaknesses (CWE)
References
- https://nvidia.custhelp.com/app/answers/detail/a_id/5383PatchVendor Advisory
- https://security.gentoo.org/glsa/202310-02Third Party Advisory
- https://nvidia.custhelp.com/app/answers/detail/a_id/5383PatchVendor Advisory
- https://security.gentoo.org/glsa/202310-02Third Party Advisory
FAQ
What is CVE-2022-31607?
CVE-2022-31607 is a vulnerability with a CVSS score of 7.8 (HIGH). NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to den...
How severe is CVE-2022-31607?
CVE-2022-31607 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-31607?
Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Gpu Display Driver, Nvidia Geforce, Nvidia Cloud Gaming Guest, Linux Linux Kernel, Nvidia Rtx.