CVE-2022-28184

CVE-2022-28184

Name

CVE-2022-28184

Description

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an unprivileged regular user can access administrator- privileged registers, which may lead to denial of service, information disclosure, and data tampering.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://nvidia.custhelp.com/app/answers/detail/a_id/5353
Third Party Advisory	https://security.gentoo.org/glsa/202310-02

Type

URI

MISC

https://nvidia.custhelp.com/app/answers/detail/a_id/5353

Third Party Advisory

https://security.gentoo.org/glsa/202310-02

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:nvidia:gpu_display_driver:-:::::windows::`	gpu_display_driver	== None	== -
`cpe:2.3:a:nvidia:virtual_gpu::::::::`	virtual_gpu	>= 13.0	< 13.3
`cpe:2.3:a:nvidia:virtual_gpu::::::::`	virtual_gpu	>= 11.0	< 11.8
`cpe:2.3:a:nvidia:virtual_gpu:14.0:::::::*`	virtual_gpu	== None	== 14.0

CPE URI

Source package

Min version

Max version

cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:windows:*:*

gpu_display_driver

== None

== -

cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*

virtual_gpu

>= 13.0

< 13.3

cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*

virtual_gpu

>= 11.0

< 11.8

cpe:2.3:a:nvidia:virtual_gpu:14.0:*:*:*:*:*:*:*

virtual_gpu

== None

== 14.0

References

Match rules

Vulnerable and fixed packages