CVE-2023-0180

CWE-125Out-of-bounds Read5 documents5 sources
Severity
7.1HIGH
EPSS
0.1%
top 79.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Nvidia Virtual GPU
Timeline
PublishedApr 1

Description

NVIDIA GPU Display Driver for Linux contains a vulnerability in a kernel mode layer handler, which may lead to denial of service or information disclosure.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages7 packages

Debiannvidia-graphics-drivers< 470.182.03-1+3
Debiannvidia-graphics-drivers-tesla< 525.105.17-1
Debiannvidia-open-gpu-kernel-modules< 525.105.17-1+2
Debiannvidia-graphics-drivers-tesla-450< 450.236.01-1~deb11u1
Debiannvidia-graphics-drivers-tesla-460< 460.106.00-3

🔴Vulnerability Details

3
CVEList
CVE-2023-0180: NVIDIA GPU Display Driver for Linux contains a vulnerability in a kernel mode layer handler, which may lead to denial of service or information disclo2023-04-01
GHSA
GHSA-92pm-jgjf-wx6q: NVIDIA GPU Display Driver for Linux contains a vulnerability in a kernel mode layer handler, which may lead to denial of service or information disclo2023-04-01
OSV
CVE-2023-0180: NVIDIA GPU Display Driver for Linux contains a vulnerability in a kernel mode layer handler, which may lead to denial of service or information disclo2023-04-01

📋Vendor Advisories

1
Debian
CVE-2023-0180: nvidia-graphics-drivers - NVIDIA GPU Display Driver for Linux contains a vulnerability in a kernel mode la...2023
CVE-2023-0180 (HIGH CVSS 7.1) | NVIDIA GPU Display Driver for Linux | cvebase.io