CVE-2023-0189

CWE-8225 documents5 sources
Severity
7.8HIGH
EPSS
0.1%
top 65.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Nvidia Virtual GPU
Timeline
PublishedApr 1

Description

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages7 packages

Debiannvidia-graphics-drivers< 470.182.03-1+3
Debiannvidia-graphics-drivers-tesla< 525.105.17-1
Debiannvidia-open-gpu-kernel-modules< 525.105.17-1+2
Debiannvidia-graphics-drivers-tesla-450< 450.236.01-1~deb11u1
Debiannvidia-graphics-drivers-tesla-460< 460.106.00-3

🔴Vulnerability Details

3
GHSA
GHSA-2ff5-j2jm-mwcq: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler which may lead to code execution, denial of service, esc2023-04-01
CVEList
CVE-2023-0189: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler which may lead to code execution, denial of service, esc2023-04-01
OSV
CVE-2023-0189: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler which may lead to code execution, denial of service, esc2023-04-01

📋Vendor Advisories

1
Debian
CVE-2023-0189: nvidia-graphics-drivers - NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode ...2023
CVE-2023-0189 (HIGH CVSS 7.8) | NVIDIA GPU Display Driver for Linux | cvebase.io