Vulnerabilities > CVE-2022-28192 - Use After Free vulnerability in Nvidia Virtual GPU

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

nvidia

CWE-416

NVD

Published: 2022-05-17

Updated: 2024-11-21

Summary

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where it may lead to a use-after-free, which in turn may cause denial of service. This attack is complex to carry out because the attacker needs to have control over freeing some host side resources out of sequence, which requires elevated privileges.

Vulnerable Configurations

Part	Description	Count
Application	Nvidia Nvidia Virtual GPU 13.0 Nvidia Virtual GPU 13.1 Nvidia Virtual GPU 13.2 Nvidia Virtual GPU 11.0 Nvidia Virtual GPU 11.6 Nvidia Virtual GPU 11.7 Nvidia Virtual GPU 14.0	7

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5353
https://nvidia.custhelp.com/app/answers/detail/a_id/5353