CVE-2023-31021

Summary

NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a malicious user in the guest VM can cause a NULL-pointer dereference, which may lead to denial of service.

Affected Software

VendorProductVersion RangeStatus
nvidiavGPU driver and Cloud gaming driverAll versions prior to and including 13.8, 15.3, 16.1 and all versions prior to and including September 2023 releaseaffected

Weaknesses

  • CWE-476: CWE-476

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References