Integer Overflow Vulnerability in NVIDIA GPU Display Driver for Linux
CVE-2023-25516

7.1HIGH

Key Information:

Vendor: Nvidia
Status: Gpu Display Driver For Linux
Vendor: CVE Published:; 4 July 2023

Summary

The NVIDIA GPU Display Driver for Linux features a vulnerability in its kernel mode layer that allows unprivileged users to trigger an integer overflow. This can result in unexpected behavior, potentially leading to information disclosure or denial of service. Proper measures to mitigate this vulnerability should be prioritized to safeguard users against potential exploits.

Affected Version(s)

GPU Display Driver for Linux All versions prior to and including 15.2, 13.7, and 11.12, and all versions prior to and including the May 2023 release

References

https://https://nvidia.custhelp.com/app/answers/detail/a_...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 4, 2023
Vulnerability Reserved
Feb 7, 2023