Lucene search

[email protected]NVD:CVE-2023-0181

HistoryApr 01, 2023 - 5:15 a.m.

CVE-2023-0181

2023-04-0105:15:07

CWE-280

CWE-276

[email protected]

web.nvd.nist.gov

nvidia

gpu

display driver

vulnerability

kernel mode

denial of service

data tampering

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

AI Score

6.7

Confidence

High

EPSS

Percentile

9.0%

JSON

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer handler, where memory permissions are not correctly checked, which may lead to denial of service and data tampering.

Affected configurations

Nvd

Node

nvidiavirtual_gpuRange<11.12

nvidiavirtual_gpuRange13.0–13.7

nvidiavirtual_gpuRange15.0–15.2

AND

citrixhypervisorMatch-

linuxlinux_kernelMatch-

microsoftwindowsMatch-

redhatenterprise_linux_kernel-based_virtual_machineMatch-

vmwarevsphereMatch-

VendorProductVersionCPE
nvidiavirtual_gpu*cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
citrixhypervisor-cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
redhatenterprise_linux_kernel-based_virtual_machine-cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*
vmwarevsphere-cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nvidia	virtual_gpu	*	cpe:2.3:a:nvidia:virtual_gpu::::::::
citrix	hypervisor	-	cpe:2.3:o:citrix:hypervisor:-:::::::*
linux	linux_kernel	-	cpe:2.3:o:linux:linux_kernel:-:::::::*
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*
redhat	enterprise_linux_kernel-based_virtual_machine	-	cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:::::::*
vmware	vsphere	-	cpe:2.3:o:vmware:vsphere:-:::::::*