CVE-2022-34677
7.1
HIGH
CVSS 3.1
EPSS 0.05%
Description
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering.
How to fix CVE-2022-34677
To remediate CVE-2022-34677, upgrade the affected package to a fixed version below.
- Debian/nvidia-graphics-drivers—upgrade to 470.161.03-1 or later
- —upgrade to 390.157-1~deb11u1 or later
- —upgrade to 510.108.03-1 or later
- —no fix listed
- —upgrade to 450.216.04-1~deb11u1 or later
- —upgrade to 460.106.00-3 or later
- —upgrade to 470.161.03-1~deb11u1 or later
- —upgrade to 515.86.01-1 or later
Is CVE-2022-34677 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (8)
- from 0, < 470.161.03-1
- from 0, < 390.157-1~deb11u1
- from 0, < 510.108.03-1
- from 0
- from 0, < 450.216.04-1~deb11u1
- from 0, < 460.106.00-3
- from 0, < 470.161.03-1~deb11u1
- from 0, < 515.86.01-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.1 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |