CVE-2022-28181

{"id": "CVE-2022-28181", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 6.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.1}]}, "published": "2022-05-17T20:15:08.673", "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5353", "tags": ["Patch", "Vendor Advisory"], "source": "[email protected]"}, {"url": "https://security.gentoo.org/glsa/202310-02", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5353", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.gentoo.org/glsa/202310-02", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-787"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. The scope of the impact may extend to other components."}, {"lang": "es", "value": "El controlador de pantalla de la GPU de NVIDIA para Windows y Linux contiene una vulnerabilidad en la capa del modo del kernel, en la que un usuario normal no privilegiado en la red puede causar una escritura fuera de l\u00edmites mediante un sombreador especialmente dise\u00f1ado, lo que puede conllevar a una ejecuci\u00f3n de c\u00f3digo, una denegaci\u00f3n de servicio, un aumento de privilegios, un divulgaci\u00f3n de informaci\u00f3n y una manipulaci\u00f3n de datos. El alcance del impacto puede extenderse a otros componentes"}], "lastModified": "2024-11-21T06:56:53.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45F338C5-245D-4D10-9B48-B56B7094F167", "versionEndExcluding": "11.8", "versionStartIncluding": "11.0"}, {"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98C8F13F-2F8F-4BAE-B971-582084B93D58", "versionEndExcluding": "13.3", "versionStartIncluding": "13.0"}, {"criteria": "cpe:2.3:a:nvidia:virtual_gpu:14.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CB2F728-3BFD-418D-AC29-A4165D1E7CA6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:linux:*:*", "vulnerable": true, "matchCriteriaId": "5FB8815D-2BE1-4454-BCBD-2B648F3FF01E"}, {"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "ECC27EF8-10DE-47E6-B9F5-3D6BE9D06CB0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}