CVE-2022-31609

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it allows the guest VM to allocate resources for which the guest is not authorized. This vulnerability may lead to loss of data integrity and confidentiality, denial of service, or information disclosure.

Published: Aug 5, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-31609
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-863

Affected Software
References

Software	From	Fixed in
nvidia / virtual_gpu	13.0	13.3
nvidia / virtual_gpu	11.0	11.8
nvidia / virtual_gpu	14.0	14.0.x
nvidia / virtual_gpu	14.1	14.1.x

https://nvidia.custhelp.com/app/answers/detail/a_id/5383

Vulnerability Database

289,871

CVE-2022-31609