CVE-2023-31026

CWE-476 — NULL Pointer Dereference3 documents3 sources

Severity

5.5MEDIUM

EPSS

0.0%

top 95.13%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia Virtual GPU Nvidia Vgpu Driver AND Cloud Gaming Driver

Timeline

PublishedNov 2

Description

NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a NULL-pointer dereference may lead to denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:HExploitability: 1.5 | Impact: 4.0

Affected Packages2 packages

▶CVEListV5nvidia/vgpu_driver_and_cloud_gaming_driverAll versions prior to and including 13.8, 15.3, 16.1 and all versions prior to and including September 2023 release

▶NVDnvidia/virtual_gpu14.0 — 15.4+2

🔴Vulnerability Details

CVEList

CVE↗2023-11-02

▶

GHSA

GHSA-6vvw-33jj-q64f: NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a NULL-pointer dereference may lea↗2023-11-02

▶