Vulnerabilities > CVE-2022-21815 - NULL Pointer Dereference vulnerability in Nvidia products

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

nvidia

CWE-476

NVD

Published: 2022-02-07

Updated: 2022-09-03

Summary

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash.

Vulnerable Configurations

Part	Description	Count
Application	Nvidia Nvidia Cloud Gaming Guest - Nvidia Geforce - Nvidia GPU Display Driver - Nvidia NVS - Nvidia Quadro - Nvidia RTX - Nvidia Studio - Nvidia Tesla - Nvidia Virtual GPU -	9
OS	Microsoft Microsoft Windows -	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5312