CVE-2022-31607 HIGH

CVE-2022-31607

Vendor Nvidia

Product NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)

Weakness CWE-20 · Input validation

Published November 18, 2022

Last update April 29, 2025

View on NVD All CVEs

CVSS base score

7.8/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure.

Key dates

02Disclosure timeline

November 18, 2022 CVE published

April 29, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-31607

Related vulnerabilities

Identifiers

CVE CVE-2022-31607

CWE CWE-20

CVSS 7.8 / HIGH

Affected versions