CVE-2022-21814

NameCVE-2022-21814
DescriptionNVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs1004847, 1004853

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
nvidia-graphics-drivers (PTS)buster/non-free418.226.00-3vulnerable
bullseye/non-free470.223.02-1fixed
bookworm/non-free-firmware525.147.05-4~deb12u1fixed
trixie/non-free-firmware525.147.05-10fixed
sid/non-free-firmware535.161.08-1fixed
nvidia-graphics-drivers-tesla-470 (PTS)bullseye/non-free470.223.02-2~deb11u1fixed
bookworm/non-free470.223.02-2~deb12u1fixed
trixie/non-free, sid/non-free470.239.06-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
nvidia-graphics-driverssourcebullseye470.129.06-5~deb11u1
nvidia-graphics-driverssource(unstable)470.103.01-11004847
nvidia-graphics-drivers-tesla-470source(unstable)470.103.01-11004853

Notes

[buster] - nvidia-graphics-drivers <ignored> (Non-free not supported)

Search for package or bug name: Reporting problems