CVE-2022-34670
Description
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in the conversion, which may lead to denial of service or information disclosure.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
NVIDIA GPU Display Driver for Linux has a kernel-mode truncation error allowing unprivileged users to cause DoS or information disclosure.
Vulnerability
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler where a primitive-to-smaller-primitive cast causes data truncation. This issue affects all versions of the driver before the fixed releases: for the 470 branch, versions before 470.182.03; for 515, before 515.105.01; for 525, before 525.105.17; and for 530, before 530.41.03 [1].
Exploitation
An unprivileged regular user with local access to the system can trigger the truncation error by sending crafted input to the kernel mode layer handler. No authentication beyond local user credentials is required, and the attack does not require physical access or user interaction beyond the initial execution [1].
Impact
Successful exploitation may lead to denial of service (system crash or hang) or information disclosure, as the truncation can cause data loss in conversion that exposes kernel memory contents to the attacker [1].
Mitigation
NVIDIA has released fixed driver versions: 470.182.03 (branch 470), 515.105.01 (branch 515), 525.105.17 (branch 525), and 530.41.03 (branch 530). Users should upgrade to the latest version for their branch [1]. There is no known workaround for this vulnerability [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- NVIDIA/vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)v5Range: All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- security.gentoo.org/glsa/202310-02mitrevendor-advisory
- lists.debian.org/debian-lts-announce/2023/05/msg00010.htmlmitremailing-list
- nvidia.custhelp.com/app/answers/detail/a_id/5415mitre
News mentions
0No linked articles in our index yet.