CVE-2022-34677
MEDIUMNVIDIA GPU Display Driver >=390 <390.157 - Denial of Service or Data Tampering via Integer Truncation
Title source: llmDescription
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering.
References (3)
Core 3
Core References
Mailing List mailing-list
https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202310-02
Vendor Advisory
https://nvidia.custhelp.com/app/answers/detail/a_id/5415
Scores
CVSS v3
5.5
EPSS
0.0029
EPSS Percentile
20.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-681
CWE-125
Status
published
Products (4)
debian/debian_linux
10.0
nvidia/cloud_gaming
< 525.60.12
nvidia/gpu_display_driver
390 - 390.157
nvidia/virtual_gpu
< 11.11
Published
Dec 30, 2022
Tracked Since
Feb 18, 2026