Vulnerabilities > CVE-2023-0185 - Incorrect Conversion between Numeric Types vulnerability in Nvidia Virtual GPU

CVSS 7.1 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

nvidia

CWE-681

NVD

Published: 2023-04-01

Updated: 2023-10-19

Summary

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where sign conversion issuescasting an unsigned primitive to signed may lead to denial of service or information disclosure.

Vulnerable Configurations

Part	Description	Count
Application	Nvidia Nvidia Virtual GPU - Nvidia Virtual GPU 8.0 Nvidia Virtual GPU 8.1 Nvidia Virtual GPU 8.2 Nvidia Virtual GPU 8.3 Nvidia Virtual GPU 8.9 Nvidia Virtual GPU 8.10 Nvidia Virtual GPU 9.0 Nvidia Virtual GPU 9.1 Nvidia Virtual GPU 9.2 Nvidia Virtual GPU 9.3 Nvidia Virtual GPU 10.0 Nvidia Virtual GPU 10.1 Nvidia Virtual GPU 10.2 Nvidia Virtual GPU 11.0 Nvidia Virtual GPU 11.6 Nvidia Virtual GPU 11.7 Nvidia Virtual GPU 11.8 Nvidia Virtual GPU 11.11 Nvidia Virtual GPU 13.0 Nvidia Virtual GPU 13.1 Nvidia Virtual GPU 13.2 Nvidia Virtual GPU 13.3 Nvidia Virtual GPU 13.6 Nvidia Virtual GPU 15.0 Nvidia Virtual GPU 15.1	26
OS	Citrix Citrix Hypervisor -	1
OS	Redhat Redhat Enterprise Linux Kernel Based Virtual Machine -	1
OS	Vmware Vmware Vsphere -	1

Common Weakness Enumeration (CWE)

CWE-681 - Incorrect Conversion between Numeric Types

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References