CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
13.0%
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause the use of an out-of-range pointer offset, which may lead to data tampering, data loss, information disclosure, or denial of service.
Vendor | Product | Version | CPE |
---|---|---|---|
nvidia | virtual_gpu | * | cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:* |
citrix | hypervisor | - | cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:* |
linux | linux_kernel | - | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
redhat | enterprise_linux_kernel-based_virtual_machine | - | cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:* |
vmware | vsphere | - | cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:* |
nvidia | cloud_gaming | * | cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:* |
nvidia | gpu_display_driver | * | cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:* |
nvidia | geforce | - | cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:* |
nvidia | nvs | - | cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:* |
nvidia | quadro | - | cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:* |
[
{
"vendor": "NVIDIA",
"product": "vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)",
"versions": [
{
"version": "All versions prior to and including 14.2, 13.4, and 11.9, and all versions prior to the November 2022 release",
"status": "affected"
}
]
}
]