NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service.
References
Link | Resource |
---|---|
https://nvidia.custhelp.com/app/answers/detail/a_id/5415 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Information
Published : 2022-12-30 15:15
Updated : 2023-01-11 12:21
NVD link : CVE-2022-42261
Mitre link : CVE-2022-42261
JSON object : View
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Products Affected
nvidia
- rtx
- nvs
- virtual_gpu
- geforce
- cloud_gaming
- quadro
- gpu_display_driver
- tesla
redhat
- enterprise_linux_kernel-based_virtual_machine
vmware
- vsphere
citrix
- hypervisor
linux
- linux_kernel