Vulnerabilities > Nvidia > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-04-27 CVE-2022-28196 Out-of-bounds Write vulnerability in Nvidia Jetson Linux
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and limited denial of service.
local
low complexity
nvidia CWE-787
4.6
2022-04-27 CVE-2022-28197 Integer Overflow or Wraparound vulnerability in Nvidia Jetson Linux
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_mount function, where Insufficient validation of untrusted data may allow a highly privileged local attacker to cause an integer overflow.
local
high complexity
nvidia CWE-190
5.0
2022-03-29 CVE-2022-21821 Integer Overflow or Wraparound vulnerability in Nvidia Cuda Toolkit
NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in cuobjdump.To exploit this vulnerability, a remote attacker would require a local user to download a specially crafted, corrupted file and locally execute cuobjdump against the file.
network
nvidia CWE-190
6.8
2022-03-24 CVE-2022-21820 Improper Handling of Exceptional Conditions vulnerability in Nvidia Data Center GPU Manager
NVIDIA DCGM contains a vulnerability in nvhostengine, where a network user can cause detection of error conditions without action, which may lead to limited code execution, some denial of service, escalation of privileges, and limited impacts to both data confidentiality and integrity.
network
low complexity
nvidia CWE-755
6.3
2022-02-15 CVE-2022-21818 Cleartext Storage of Sensitive Information vulnerability in Nvidia License System
NVIDIA License System contains a vulnerability in the installation scripts for the DLS virtual appliance, where a user on a network after signing in to the portal can access other users’ credentials, allowing them to gain escalated privileges, resulting in limited impact to both confidentiality and integrity.
network
low complexity
nvidia CWE-312
5.5
2022-02-07 CVE-2022-21813 Improper Handling of Exceptional Conditions vulnerability in Nvidia products
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.
local
low complexity
nvidia CWE-755
6.1
2022-02-07 CVE-2022-21814 Improper Handling of Exceptional Conditions vulnerability in Nvidia products
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.
local
low complexity
nvidia CWE-755
6.1
2022-02-07 CVE-2022-21815 NULL Pointer Dereference vulnerability in Nvidia products
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash.
local
low complexity
nvidia CWE-476
4.9
2022-02-07 CVE-2022-21816 Missing Authentication for Critical Function vulnerability in Nvidia Cloud Gaming Virtual GPU and Virtual GPU
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a user in the guest OS can cause a GPU interrupt storm on the hypervisor host, leading to a denial of service.
local
low complexity
nvidia CWE-306
5.5
2022-01-18 CVE-2021-34401 Unspecified vulnerability in Nvidia Shield Experience
NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVGPU_IOCTL_CHANNEL_SET_ERROR_NOTIFIER, where improper access control may lead to code execution, compromised integrity, or denial of service.
local
low complexity
nvidia
4.6