CVE-2022-28181
9.9
CRITICAL
CVSS 3.1
EPSS 1.1%
Description
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. The scope of the impact may extend to other components.
How to fix CVE-2022-28181
To remediate CVE-2022-28181, upgrade the affected package to a fixed version below.
- —upgrade to 470.129.06-5~deb11u1 or later
- —upgrade to 390.151-1~deb11u1 or later
- —no fix listed
- —upgrade to 450.191.01-1~deb11u1 or later
- —no fix listed
- —upgrade to 470.129.06-1 or later
Is CVE-2022-28181 being exploited?
Low — EPSS is 1.1%, meaning exploitation activity has not been observed at scale.
Affected packages (6)
- from 0, < 470.129.06-5~deb11u1
- from 0, < 390.151-1~deb11u1
- from 0
- from 0, < 450.191.01-1~deb11u1
- from 0
- from 0, < 470.129.06-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL9.9 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |