CVE-2023-0185

Summary

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where sign conversion issuescasting an unsigned primitive to signed may lead to denial of service or information disclosure.

Affected Software

VendorProductVersion RangeStatus
NVIDIAvGPU software (Virtual GPU Manager - Citrix Hypervisor, VMware vSphere, Red Hat Enterprise Linux KVM), NVIDIA Cloud Gaming (Virtual GPU Manager - Red Hat Enterprise Linux KVM)All versions prior to and including 15.1, 13.6, 11.11, and all versions prior to and including February 2023 releaseaffected

Weaknesses

  • CWE-196: CWE-196: Unsigned to Signed Conversion Error

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References