Vulnerabilities > Nvidia > Virtual GPU > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-17 | CVE-2022-28188 | Improper Input Validation vulnerability in Nvidia GPU Display Driver and Virtual GPU NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where the product receives input or data, but does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly, which may lead to denial of service. | 4.9 |
| 2022-05-17 | CVE-2022-28191 | Resource Exhaustion vulnerability in Nvidia Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where uncontrolled resource consumption can be triggered by an unprivileged regular user, which may lead to denial of service. | 4.9 |
| 2022-02-07 | CVE-2022-21813 | Improper Handling of Exceptional Conditions vulnerability in Nvidia products NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service. | 6.1 |
| 2022-02-07 | CVE-2022-21815 | NULL Pointer Dereference vulnerability in Nvidia products NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash. | 4.9 |
| 2022-02-07 | CVE-2022-21816 | Missing Authentication for Critical Function vulnerability in Nvidia Cloud Gaming Virtual GPU and Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a user in the guest OS can cause a GPU interrupt storm on the hypervisor host, leading to a denial of service. | 5.5 |
| 2021-10-29 | CVE-2021-1118 | Improper Privilege Management vulnerability in Nvidia Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to execute privileged operations by the guest OS, which may lead to information disclosure, data tampering, escalation of privileges, and denial of service | 4.6 |
| 2021-10-29 | CVE-2021-1120 | Unspecified vulnerability in Nvidia Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a string provided by the guest OS may not be properly null terminated. | 4.6 |
| 2021-07-21 | CVE-2021-1097 | Improper Input Validation vulnerability in Nvidia Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it improperly validates the length field in a request from a guest. | 4.6 |
| 2021-07-21 | CVE-2021-1098 | Improper Resource Shutdown or Release vulnerability in Nvidia Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it doesn't release some resources during driver unload requests from guests. | 4.6 |
| 2021-07-21 | CVE-2021-1099 | Out-of-bounds Write vulnerability in Nvidia Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) that could allow an attacker to cause stack-based buffer overflow and put a customized ROP gadget on the stack. | 4.6 |