CVE-2022-42261

HIGH

NVIDIA vGPU < 11.11 - Buffer Overflow in Virtual GPU Manager

Title source: llm
STIX 2.1

Description

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service.

References (2)

Core 2
Core References
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202310-02

Scores

CVSS v3 7.8
EPSS 0.0026
EPSS Percentile 17.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-120
Status published
Products (3)
nvidia/cloud_gaming < 525.60.12
nvidia/gpu_display_driver 470 - 470.161.03
nvidia/virtual_gpu < 11.11
Published Dec 30, 2022
Tracked Since Feb 18, 2026