CVE-2022-21816

CWE-284Improper Access ControlCWE-306Missing Authentication3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 90.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Nvidia Cloud Gaming Virtual GPUNvidia Virtual GPUNvidia Nvidia Virtual GPU Software AND Nvidia Cloud Gaming
Timeline
PublishedFeb 7
Latest updateFeb 8

Description

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a user in the guest OS can cause a GPU interrupt storm on the hypervisor host, leading to a denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

CVEListV5nvidia/nvidia_virtual_gpu_software_and_nvidia_cloud_gamingvGPU version 13.x (prior to 13.2), version 11.x (prior to 11.7) and version 8.x (prior 8.10).
NVDnvidia/virtual_gpu8.08.10+2

🔴Vulnerability Details

2
GHSA
GHSA-53c5-pg42-pffh: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia2022-02-08
CVEList
CVE-2022-21816: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia2022-02-07
CVE-2022-21816 (MEDIUM CVSS 5.5) | NVIDIA vGPU software contains a vul | cvebase.io