CVE-2022-21813

Published Feb 7, 2022

Last updated a year ago

Overview

Description: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.
Source: psirt@nvidia.com
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.1
Impact score: 4.2
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 3.6
Impact score: 4.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:N/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-755
psirt@nvidia.com: CWE-284

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:nvidia:cloud_gaming_guest:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3BF125D-2BDD-4DDB-B8A6-5D28E64157E5"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24DE5CC2-3787-4605-8EFA-77590E36E960"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C37AC285-221B-474F-8B3F-9DD7C586EB43"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "333646B0-AAD5-4DD7-8940-6334D0A8E77C"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D135086F-CA5E-4242-ACBA-C3AC82F4BE03"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:virtual_gpu:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3CCCEEC-CB0F-412F-9DE5-CD86E2AF6B2A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Social media

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Configurations

References