vulnerability

Arch Linux: Out-of-bounds Write (CVE-2022-28181)

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:M/Au:N/C:C/I:C/A:C)

Published

May 17, 2022

Added

Jul 11, 2025

Modified

Mar 25, 2026

Description

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. The scope of the impact may extend to other components.

Solution

arch-linux-upgrade-latest

References

CVE-2022-28181
https://attackerkb.com/topics/CVE-2022-28181
https://euvd.enisa.europa.eu/vulnerability/EUVD-2022-32635
https://nvidia.custhelp.com/app/answers/detail/a_id/5353
https://security.gentoo.org/glsa/202310-02
CWE-787
EUVD-EUVD-2022-32635

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report