The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5547-1 advisory.

    Le Wu discovered that the NVIDIA graphics drivers did not properly perform input validation in some     situations. A local user could use this to cause a denial of service or possibly execute arbitrary code.
    (CVE-2022-31607)

    Tal Lossos discovered that the NVIDIA graphics drivers incorrectly handled certain memory operations,     leading to a null-pointer dereference. A local attacker could use this to cause a denial of service.
    (CVE-2022-31615)

    Artem S. Tashkinov discovered that the NVIDIA graphics drivers Dynamic Boost D-Bus component did not     properly restrict access to its endpoint. When enabled in non-default configurations, a local attacker     could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-31608)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : NVIDIA graphics drivers vulnerabilities (USN-5547-1)

high Nessus Plugin ID 163829

Version 1.9

Version 1.8

Version 1.7

Version 1.6

Version 1.5

Version 1.4

Version 1.9 Aug 28, 2024, 7:43 PM CVSS metrics ("Cvssv4 score" set to 0.0) CVSSv2 severity (based on None, severity decreased from "High" to "Low") Detection (updated detection logic) Plugin metadata Plugin Feed: 202408281943
Version 1.8 Mar 8, 2024, 6:26 PM IAVM reference Plugin Feed: 202403081826
Version 1.7 Jul 11, 2023, 1:48 AM Detection Plugin Feed: 202307110148
Version 1.6 Mar 23, 2023, 4:25 PM CVSS metrics ("CVSSv2 score" changed from "7.2" to "6.8". "CVSSv2 score" changed from "7.2" to "6.8". "CVSSv2 vector" changed from "CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C" to "CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C". "CVSSv3 score" changed from "8.8" to "7.8". "CVSSv3 vector" changed from "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" to "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H". "CVSSv2 vector" changed from "CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C" to "CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C". "CVSSv3 score" changed from "8.8" to "7.8". "CVSSv3 vector" changed from "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" to "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H". "CVSSv2 vector" changed from "CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C" to "CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C") CVSSv2 score source (changed from "CVE-2022-31615" to "CVE-2022-31608") CVSSv2 severity (based on CVE-2022-31608, severity decreased from "High" to "Medium") CVSSv3 score source (set to "CVE-2022-31608") Plugin Feed: 202303231625
Version 1.5 Mar 21, 2023, 7:30 PM Plugin metadata Plugin Feed: 202303211930
Version 1.4 Jan 18, 2023, 9:01 AM Logic Changes (Added support for s390x) Plugin Feed: 202301180901