Vulnerabilities > CVE-2022-31608 - Improper Preservation of Permissions vulnerability in Nvidia GPU Display Driver

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

nvidia

CWE-281

NVD

Published: 2022-11-19

Updated: 2023-10-15

Summary

NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

Vulnerable Configurations

Part	Description	Count
Application	Nvidia Nvidia GPU Display Driver 390 Nvidia GPU Display Driver 390.143 Nvidia GPU Display Driver 470 Nvidia GPU Display Driver 510 Nvidia GPU Display Driver 515 Nvidia GPU Display Driver 450 Nvidia GPU Display Driver 450.119.03 Nvidia RTX -	8
Hardware	Nvidia Nvidia Geforce - Nvidia Tesla -	2

Common Weakness Enumeration (CWE)

CWE-281 - Improper Preservation of Permissions

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References