Vulnerability Description
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nvidia | Gpu Display Driver | >= 390, < 390.157 |
| Nvidia | Geforce | - |
| Nvidia | Nvs | - |
| Nvidia | Quadro | - |
| Nvidia | Rtx | - |
| Nvidia | Tesla | - |
| Nvidia | Cloud Gaming | < 525.60.12 |
| Citrix | Hypervisor | - |
| Redhat | Enterprise Linux Kernel-Based Virtual Machine | - |
| Nvidia | Virtual Gpu | < 11.11 |
| Linux | Linux Kernel | - |
| Vmware | Vsphere | - |
| Debian | Debian Linux | 10.0 |
Related Weaknesses (CWE)
References
- https://lists.debian.org/debian-lts-announce/2023/05/msg00010.htmlMailing List
- https://nvidia.custhelp.com/app/answers/detail/a_id/5415Vendor Advisory
- https://security.gentoo.org/glsa/202310-02Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2023/05/msg00010.htmlMailing List
- https://nvidia.custhelp.com/app/answers/detail/a_id/5415Vendor Advisory
- https://security.gentoo.org/glsa/202310-02Third Party Advisory
FAQ
What is CVE-2022-34677?
CVE-2022-34677 is a vulnerability with a CVSS score of 5.5 (MEDIUM). NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of serv...
How severe is CVE-2022-34677?
CVE-2022-34677 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-34677?
Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Gpu Display Driver, Nvidia Geforce, Nvidia Nvs, Nvidia Quadro, Nvidia Rtx.