Out-of-Bounds Write Vulnerability in NVIDIA GPU Display Driver for Linux
CVE-2023-0183

7.1HIGH

Key Information:

Vendor

Nvidia
Status
Vgpu Software (guest Driver - Linux), Vgpu Software (virtual Gpu Manager - Citrix Hypervisor, Vmware Vsphere, Red Hat Enterprise Linux Kvm), Nvidia Cloud Gaming (guest Driver - Linux), Nvidia Cloud Gaming (virtual Gpu Manager - Red Hat Enterprise Linux Kvm)
Vendor
CVE Published:
1 April 2023

What is CVE-2023-0183?

The NVIDIA GPU Display Driver for Linux contains a significant vulnerability within the kernel mode layer, specifically an out-of-bounds write issue. This flaw can lead to severe consequences, including service interruption and potential manipulation of sensitive data. It is crucial for users and system administrators to address this vulnerability promptly to safeguard their systems from exploitation and ensure operational integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

vGPU software (guest driver - Linux), vGPU software (Virtual GPU Manager - Citrix Hypervisor, VMware vSphere, Red Hat Enterprise Linux KVM), NVIDIA Cloud Gaming (guest driver - Linux), NVIDIA Cloud Gaming (Virtual GPU Manager - Red Hat Enterprise Linux KVM) All versions prior to and including 15.1, 13.6, 11.11, and all versions prior to and including February 2023 release

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5452
https://security.gentoo.org/glsa/202310-02

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.