CVE-2022-34677

NameCVE-2022-34677
DescriptionNVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
Debian Bugs1025279, 1025280, 1025281, 1025282, 1025283, 1025284, 1025285, 1025286, 1025287

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
nvidia-graphics-drivers (PTS)buster/non-free418.226.00-3vulnerable
bullseye/non-free470.161.03-1fixed
bookworm/non-free515.86.01-1fixed
sid/non-free520.56.06-2fixed
nvidia-graphics-drivers-legacy-340xx (PTS)buster/non-free340.108-3~deb10u1vulnerable
sid/non-free340.108-17vulnerable
nvidia-graphics-drivers-legacy-390xx (PTS)buster/non-free390.154-1~deb10u1vulnerable
bullseye/non-free390.157-1~deb11u1fixed
sid/non-free390.157-1fixed
nvidia-graphics-drivers-tesla (PTS)bookworm/non-free, sid/non-free515.86.01-1fixed
nvidia-graphics-drivers-tesla-418 (PTS)bullseye/non-free418.226.00-6~deb11u1vulnerable
sid/non-free418.226.00-9vulnerable
nvidia-graphics-drivers-tesla-450 (PTS)bullseye/non-free450.216.04-1~deb11u1fixed
sid/non-free450.216.04-1fixed
nvidia-graphics-drivers-tesla-460 (PTS)bullseye/non-free460.106.00-6~deb11u1fixed
bookworm/non-free, sid/non-free460.106.00-9fixed
nvidia-graphics-drivers-tesla-470 (PTS)bullseye/non-free470.161.03-1~deb11u1fixed
bookworm/non-free, sid/non-free470.161.03-1fixed
nvidia-graphics-drivers-tesla-510 (PTS)bookworm/non-free510.108.03-1fixed
sid/non-free510.108.03-2fixed
nvidia-open-gpu-kernel-modules (PTS)bookworm/contrib515.86.01-1fixed
sid/contrib520.56.06-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
nvidia-graphics-driverssourcebullseye470.161.03-1
nvidia-graphics-driverssource(unstable)510.108.03-11025279
nvidia-graphics-drivers-legacy-340xxsource(unstable)(unfixed)1025280
nvidia-graphics-drivers-legacy-390xxsourcebullseye390.157-1~deb11u1
nvidia-graphics-drivers-legacy-390xxsource(unstable)390.157-11025281
nvidia-graphics-drivers-teslasource(unstable)510.108.03-11025287
nvidia-graphics-drivers-tesla-418source(unstable)(unfixed)1025282
nvidia-graphics-drivers-tesla-450sourcebullseye450.216.04-1~deb11u1
nvidia-graphics-drivers-tesla-450source(unstable)450.216.04-11025283
nvidia-graphics-drivers-tesla-460source(unstable)460.106.00-31025284
nvidia-graphics-drivers-tesla-470sourcebullseye470.161.03-1~deb11u1
nvidia-graphics-drivers-tesla-470source(unstable)470.161.03-11025285
nvidia-graphics-drivers-tesla-510source(unstable)510.108.03-11025286
nvidia-open-gpu-kernel-modulessource(unstable)515.86.01-1

Notes

[buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia anymore)
[bullseye] - nvidia-graphics-drivers-tesla-418 <no-dsa> (Non-free not supported)
[bullseye] - nvidia-graphics-drivers-tesla-460 <no-dsa> (Non-free not supported)
460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470

Search for package or bug name: Reporting problems