CVE
CVE-2023-31021

5.5MEDIUM

Key Information:

Vendor: Nvidia
Status: Vgpu Driver And Cloud Gaming Driver
Vendor: CVE Published:; 2 November 2023

What is CVE-2023-31021?

NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a malicious user in the guest VM can cause a NULL-pointer dereference, which may lead to denial of service.

Affected Version(s)

vGPU driver and Cloud gaming driver All versions prior to and including 13.8, 15.3, 16.1 and all versions prior to and including September 2023 release

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5491

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 2, 2023
Vulnerability Reserved
Apr 22, 2023

Nvidia

What is CVE-2023-31021?

Affected Version(s)

References

CVSS V3.1

Timeline