CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
13.0%
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager
(vGPU plugin), where an input index is not validated, which may lead to
buffer overrun, which in turn may cause data tampering, information
disclosure, or denial of service.
Author | Note |
---|---|
mdeslaur | some binary drivers are no longer support by NVidia, so they are marked as ignored here |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 16.04 | noarch | nvidia-graphics-drivers-384 | < any | UNKNOWN |
ubuntu | 18.04 | noarch | nvidia-graphics-drivers-450-server | < 450.216.04-0ubuntu0.18.04.1 | UNKNOWN |
ubuntu | 20.04 | noarch | nvidia-graphics-drivers-450-server | < 450.216.04-0ubuntu0.20.04.1 | UNKNOWN |
ubuntu | 22.04 | noarch | nvidia-graphics-drivers-450-server | < 450.216.04-0ubuntu0.22.04.1 | UNKNOWN |
ubuntu | 22.10 | noarch | nvidia-graphics-drivers-450-server | < 450.216.04-0ubuntu0.22.10.1 | UNKNOWN |
ubuntu | 23.04 | noarch | nvidia-graphics-drivers-450-server | < 450.216.04-0ubuntu1 | UNKNOWN |
ubuntu | 18.04 | noarch | nvidia-graphics-drivers-470 | < 470.161.03-0ubuntu0.18.04.1 | UNKNOWN |
ubuntu | 20.04 | noarch | nvidia-graphics-drivers-470 | < 470.161.03-0ubuntu0.20.04.1 | UNKNOWN |
ubuntu | 22.04 | noarch | nvidia-graphics-drivers-470 | < 470.161.03-0ubuntu0.22.04.1 | UNKNOWN |
ubuntu | 22.10 | noarch | nvidia-graphics-drivers-470 | < 470.161.03-0ubuntu0.22.10.1 | UNKNOWN |