MGASA-2022-0197

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2022-0197.html

Import Source

https://advisories.mageia.org/MGASA-2022-0197.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2022-0197

Related

Published

2022-05-22T11:26:36Z

Modified

2026-03-25T17:59:24.962361Z

Summary

Updated nvidia390 packages fix security vulnerabilities

Details

Updated nvidia390 packages fix security vulnerabilities:

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. The scope of the impact may extend to other components (CVE‑2022‑28181).

NVIDIA GPU Display Driver contains a vulnerability in the ECC layer, where an unprivileged regular user can cause an out-of-bounds write, which may lead to denial of service and data tampering (CVE‑2022‑28185).

This driver also adds official support for kernel 5.17+ series.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:8 / nvidia390

Package

Name: nvidia390
Purl: pkg:rpm/mageia/nvidia390?arch=source&distro=mageia-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

390.151-1.mga8.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2022-0197.json"