CVE-2022-21820
MEDIUMNVIDIA Data Center GPU Manager < 2.3.5 - Remote Memory Corruption in nvhostengine
Title source: llmDescription
NVIDIA DCGM contains a vulnerability in nvhostengine, where a network user can cause detection of error conditions without action, which may lead to limited code execution, some denial of service, escalation of privileges, and limited impacts to both data confidentiality and integrity.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_misc
https://nvidia.custhelp.com/app/answers/detail/a_id/5328
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/167396/NVIDIA-Data-Center-GPU-Manager-Remote-Memory-Corruption.html
Scores
CVSS v3
6.3
EPSS
0.1695
EPSS Percentile
96.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-755
CWE-20
CWE-787
Status
published
Products (1)
nvidia/data_center_gpu_manager
< 2.3.5
Published
Mar 24, 2022
Tracked Since
Feb 18, 2026