Request a Demo
Rewterz
Rewterz Threat Advisory – CVE-2022-25375 – Linux Kernel Vulnerability
February 22, 2022
Rewterz
Rewterz Threat Alert – QBot and Cobalt Strike strike using Zerologon Vulnerability – Active IOCs
February 22, 2022

Rewterz Threat Advisory – Multiple NVIDIA GPU Display Driver for Linux and Window Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2022-21813

NVIDIA GPU Display Driver for Linux is vulnerable to a denial of service, caused by improper handling of insufficient permissions or privileges in the kernel driver package. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.

CVE-2022-21814 

NVIDIA GPU Display Driver for Linux is vulnerable to a denial of service, caused by improper handling of insufficient permissions or privileges in the kernel driver package. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.

CVE-2022-21815

NVIDIA GPU Display Driver for Windows is vulnerable to a denial of service, caused by a NULL pointer dereference in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause a system crash.

Impact

  • Denial of Service

Indicators of Compromise

CVE

  • CVE-2022-21813
  • CVE-2022-21814
  • CVE-2022-21815

Affected Vendors

  • NVIDIA

Affected Products

  • NVIDIA GPU Display Driver for Linux
  • NVIDIA GPU Display Driver for Windows

Remediation

Refer to NVIDIA Security Bulletin Answer for patch, upgrade, or suggested workaround information.

https://nvidia.custhelp.com/app/answers/detail/a_id/5321