Multiple vulnerabilities in nVidia GeForce driver for Windows
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2022-34683 CVE-2022-34681 CVE-2022-34678 CVE-2022-42266 CVE-2022-34672 CVE-2022-34671 CVE-2022-34669 |
| CWE-ID | CWE-476 CWE-20 CWE-269 CWE-787 |
| Exploitation vector | Local |
| Public exploit | Public exploit code for vulnerability #6 is available. |
| Vulnerable software |
NVIDIA Windows GPU Display Driver Client/Desktop applications / Virtualization software |
| Vendor | nVidia |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) NULL pointer dereference
EUVDB-ID: #VU69819
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-34683
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape within the NVIDIA GPU Display Driver for Windows. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNVIDIA Windows GPU Display Driver: before 474.04
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5415
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Input validation error
EUVDB-ID: #VU69818
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-34681
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the NVIDIA GPU Display Driver for Windows (nvlddmkm.sys). A local user can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNVIDIA Windows GPU Display Driver: before 474.04
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5415
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) NULL pointer dereference
EUVDB-ID: #VU69817
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-34678
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the NVIDIA GPU Display Driver for Windows and Linux. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNVIDIA Windows GPU Display Driver: before 474.04
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5415
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper Privilege Management
EUVDB-ID: #VU69816
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-42266
CWE-ID:
CWE-269 - Improper Privilege Management
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The
vulnerability exists due to improper privilege management in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape within the
NVIDIA GPU Display Driver for Windows. A local user can gain access to sensitive information.
Install updates from vendor's website.
Vulnerable software versionsNVIDIA Windows GPU Display Driver: before 474.04
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5415
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Improper Privilege Management
EUVDB-ID: #VU69815
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-34672
CWE-ID:
CWE-269 - Improper Privilege Management
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper privilege management within the NVIDIA Control Panel for Windows. A local user can compromise the security of the software by gaining privileges, reading sensitive information, or executing commands.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNVIDIA Windows GPU Display Driver: before 474.04
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5415
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Out-of-bounds write
EUVDB-ID: #VU69814
Risk: Low
CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2022-34671
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: Yes
Description The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the NVIDIA GPU Display Driver for Windows. A local user can run a specially crafted program to trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNVIDIA Windows GPU Display Driver: before 474.04
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5415
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
7) Improper Privilege Management
EUVDB-ID: #VU69813
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-34669
CWE-ID:
CWE-269 - Improper Privilege Management
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper privilege management within the NVIDIA GPU Display Driver for Windows. A local user can access or modify system files or other files that are critical to the application and escalate privileges on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNVIDIA Windows GPU Display Driver: before 474.04
CPE2.3 External linkshttps://nvidia.custhelp.com/app/answers/detail/a_id/5415
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
