CVE-2022-31616
Severity CVSS v4.0:
Pending analysis
Type:
CWE-125
Out-of-bounds Read
Publication date:
19/11/2022
Last modified:
29/11/2022
Description
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a local user with basic capabilities can cause an out-of-bounds read, which may lead to denial of service, or information disclosure.
Impact
Base Score 3.x
7.10
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:* | 471.11 (including) | 473.81 (excluding) |
| cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:* | 516.25 (including) | 516.94 (excluding) |
| cpe:2.3:h:nvidia:geforce:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:* | 11.0 (including) | 11.8 (excluding) |
| cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:* | 13.0 (including) | 13.3 (excluding) |
| cpe:2.3:a:nvidia:virtual_gpu:14.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nvidia:cloud_gaming_guest:*:*:*:*:*:*:*:* | 516.94 (excluding) | |
| cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:* | 516.25 (including) | 516.94 (excluding) |
| cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:* | 471.11 (including) | 473.81 (excluding) |
| cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:* | 511.09 (including) | 513.46 (excluding) |
| cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:* | 516.25 (including) | 516.94 (excluding) |
| cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page