CVE-2022-42262

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service.

Published: Dec 31, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-42262
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-120

Affected Software
References

Software	From	Fixed in
nvidia / virtual_gpu	-	11.11
nvidia / virtual_gpu	12.0	13.6
nvidia / virtual_gpu	14.0	14.4
nvidia / cloud_gaming	-	525.60.12
nvidia / gpu_display_driver	470	470.161.03
nvidia / gpu_display_driver	510	510.108.03
nvidia / gpu_display_driver	450	450.216.04

https://nvidia.custhelp.com/app/answers/detail/a_id/5415

Vulnerability Database

289,871

CVE-2022-42262