CVE-2022-42262

NameCVE-2022-42262
DescriptionNVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
Debian Bugs1025279, 1025282, 1025283, 1025284, 1025285, 1025286, 1025287

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
nvidia-graphics-drivers (PTS)buster/non-free418.226.00-3vulnerable
bullseye/non-free470.161.03-1fixed
bookworm/non-free515.86.01-1fixed
sid/non-free520.56.06-2fixed
nvidia-graphics-drivers-tesla (PTS)bookworm/non-free, sid/non-free515.86.01-1fixed
nvidia-graphics-drivers-tesla-418 (PTS)bullseye/non-free418.226.00-6~deb11u1vulnerable
sid/non-free418.226.00-9vulnerable
nvidia-graphics-drivers-tesla-450 (PTS)bullseye/non-free450.216.04-1~deb11u1fixed
sid/non-free450.216.04-1fixed
nvidia-graphics-drivers-tesla-460 (PTS)bullseye/non-free460.106.00-6~deb11u1fixed
bookworm/non-free, sid/non-free460.106.00-9fixed
nvidia-graphics-drivers-tesla-470 (PTS)bullseye/non-free470.161.03-1~deb11u1fixed
bookworm/non-free, sid/non-free470.161.03-1fixed
nvidia-graphics-drivers-tesla-510 (PTS)bookworm/non-free510.108.03-1fixed
sid/non-free510.108.03-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
nvidia-graphics-driverssourcebullseye470.161.03-1
nvidia-graphics-driverssource(unstable)510.108.03-11025279
nvidia-graphics-drivers-teslasource(unstable)510.108.03-11025287
nvidia-graphics-drivers-tesla-418source(unstable)(unfixed)1025282
nvidia-graphics-drivers-tesla-450sourcebullseye450.216.04-1~deb11u1
nvidia-graphics-drivers-tesla-450source(unstable)450.216.04-11025283
nvidia-graphics-drivers-tesla-460source(unstable)460.106.00-31025284
nvidia-graphics-drivers-tesla-470sourcebullseye470.161.03-1~deb11u1
nvidia-graphics-drivers-tesla-470source(unstable)470.161.03-11025285
nvidia-graphics-drivers-tesla-510source(unstable)510.108.03-11025286

Notes

[bullseye] - nvidia-graphics-drivers-tesla-418 <no-dsa> (Non-free not supported)
[bullseye] - nvidia-graphics-drivers-tesla-460 <no-dsa> (Non-free not supported)
460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470

Search for package or bug name: Reporting problems