CVE-2023-31018

CWE-476 — NULL Pointer Dereference4 documents4 sources

Severity

5.5MEDIUM

EPSS

0.0%

top 86.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia Virtual GPU Nvidia Vgpu Driver AND Cloud Gaming Driver

Timeline

PublishedNov 2

Description

NVIDIA GPU Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a NULL-pointer dereference, which may lead to denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:HExploitability: 2.0 | Impact: 4.0

Affected Packages8 packages

▶Ubuntunvidia-graphics-drivers-470< 470.223.02-0ubuntu0.20.04.1+2

▶Ubuntunvidia-graphics-drivers-525< 525.147.05-0ubuntu0.20.04.1+2

▶Ubuntunvidia-graphics-drivers-535< 535.129.03-0ubuntu0.20.04.1+1

▶Ubuntunvidia-graphics-drivers-470-server< 470.223.02-0ubuntu0.20.04.1+2

▶Ubuntunvidia-graphics-drivers-525-server< 525.147.05-0ubuntu0.20.04.1+2

🔴Vulnerability Details

OSV

CVE-2023-31018: NVIDIA GPU Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a NULL-pointer↗2023-11-02

▶

GHSA

GHSA-7jrw-jh47-4684: NVIDIA GPU Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a NULL-pointer↗2023-11-02

▶

CVEList

CVE↗2023-11-02

▶