// For flags

CVE-2022-28192

 

Severity Score

4.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where it may lead to a use-after-free, which in turn may cause denial of service. This attack is complex to carry out because the attacker needs to have control over freeing some host side resources out of sequence, which requires elevated privileges.

El software NVIDIA vGPU contiene una vulnerabilidad en el Administrador de la GPU Virtual (nvidia.ko), que puede conllevar a un uso de memoria previamente liberada, que a su vez puede causar una denegaciĆ³n de servicio. Este ataque es complejo de llevar a cabo porque el atacante necesita tener control sobre la liberaciĆ³n de algunos recursos del lado del host fuera de secuencia, lo que requiere altos privilegios

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Local
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-03-30 CVE Reserved
  • 2022-05-17 CVE Published
  • 2023-12-08 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-416: Use After Free
CAPEC
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
https://nvidia.custhelp.com/app/answers/detail/a_id/5353 2022-05-26
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Nvidia
Search vendor "Nvidia"
 Virtual Gpu
Search vendor "Nvidia" for product "Virtual Gpu"
 >= 11.0 < 11.8
Search vendor "Nvidia" for product "Virtual Gpu" and version " >= 11.0 < 11.8"
-
Affected
Nvidia
Search vendor "Nvidia"
 Virtual Gpu
Search vendor "Nvidia" for product "Virtual Gpu"
 >= 13.0 < 13.3
Search vendor "Nvidia" for product "Virtual Gpu" and version " >= 13.0 < 13.3"
-
Affected
Nvidia
Search vendor "Nvidia"
 Virtual Gpu
Search vendor "Nvidia" for product "Virtual Gpu"
 14.0
Search vendor "Nvidia" for product "Virtual Gpu" and version "14.0"
-
Affected