CVE-2022-21814

NameCVE-2022-21814
DescriptionNVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
Debian Bugs1004847, 1004853

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
nvidia-graphics-drivers (PTS)stretch/non-free390.138-1vulnerable
stretch/non-free (security)390.144-1~deb9u1vulnerable
buster/non-free418.211.00-1vulnerable
bullseye/non-free460.91.03-1vulnerable
bookworm/non-free470.103.01-4fixed
sid/non-free470.129.06-2fixed
nvidia-graphics-drivers-tesla-470 (PTS)bookworm/non-free470.103.01-2fixed
sid/non-free470.129.06-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
nvidia-graphics-driverssource(unstable)470.103.01-11004847
nvidia-graphics-drivers-tesla-470source(unstable)470.103.01-11004853

Notes

[bullseye] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)

Search for package or bug name: Reporting problems