{"id":"MGASA-2022-0197","summary":"Updated nvidia390 packages fix security vulnerabilities","details":"Updated nvidia390 packages fix security vulnerabilities:\n\nNVIDIA GPU Display Driver contains a vulnerability in the kernel mode\nlayer, where an unprivileged regular user on the network can cause an\nout-of-bounds write through a specially crafted shader, which may lead\nto code execution, denial of service, escalation of privileges,\ninformation disclosure, and data tampering. The scope of the impact may\nextend to other components (CVE‑2022‑28181).\n\nNVIDIA GPU Display Driver contains a vulnerability in the ECC layer, where\nan unprivileged regular user can cause an out-of-bounds write, which may\nlead to denial of service and data tampering (CVE‑2022‑28185).\n\nThis driver also adds official support for kernel 5.17+ series.\n","modified":"2026-03-25T17:59:24.962361Z","published":"2022-05-22T11:26:36Z","related":["CVE-2022-28181","CVE-2022-28185"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0197.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30441"},{"type":"REPORT","url":"https://www.nvidia.com/Download/driverResults.aspx/188601/en-us"},{"type":"REPORT","url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5353"}],"affected":[{"package":{"name":"nvidia390","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/nvidia390?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"390.151-1.mga8.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0197.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}