Vulnerabilities > CVE-2023-31021 - NULL Pointer Dereference vulnerability in Nvidia Virtual GPU

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
nvidia
CWE-476
NVD
Published: 2023-11-02
Updated: 2023-11-13

Summary

NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a malicious user in the guest VM can cause a NULL-pointer dereference, which may lead to denial of service.

Vulnerable Configurations

Part Description Count
Application
Nvidia
34
Application
Microsoft
1
OS
Canonical
1
OS
Citrix
1
OS
Linux-Kvm
1
OS
Redhat
1
OS
Vmware
1

Common Weakness Enumeration (CWE)

References