Lucene search

K
cvelistNvidiaCVELIST:CVE-2023-31021
HistoryNov 02, 2023 - 6:56 p.m.

CVE-2023-31021 CVE

2023-11-0218:56:21
CWE-476
nvidia
www.cve.org
7
cve-2023-31021
nvidia
vgpu software
virtual gpu manager
guest vm
null-pointer dereference
denial of service

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.7

Confidence

High

EPSS

0

Percentile

9.0%

NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a malicious user in the guest VM can cause a NULL-pointer dereference, which may lead to denial of service.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "vGPU driver and Cloud gaming driver",
    "vendor": "nvidia",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to and including 13.8, 15.3, 16.1 and all versions prior to and including September 2023 release"
      }
    ]
  }
]

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.7

Confidence

High

EPSS

0

Percentile

9.0%

Related for CVELIST:CVE-2023-31021