Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2022-31609

Published: 5 August 2022

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it allows the guest VM to allocate resources for which the guest is not authorized. This vulnerability may lead to loss of data integrity and confidentiality, denial of service, or information disclosure.

Notes

AuthorNote
sbeattie
affects vGPU manager only
mdeslaur
some binary drivers are no longer support by NVidia, so they
are marked as ignored here

Priority

Medium

Cvss 3 Severity Score

7.8

Score breakdown

Status

Package Release Status
nvidia-graphics-drivers-304
Launchpad, Ubuntu, Debian
bionic Does not exist

focal Does not exist

jammy Does not exist

kinetic Does not exist

lunar Does not exist

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Ignored

mantic Does not exist

nvidia-graphics-drivers-304-updates
Launchpad, Ubuntu, Debian
bionic Does not exist

focal Does not exist

jammy Does not exist

kinetic Does not exist

lunar Does not exist

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Not vulnerable
(superseded)
mantic Does not exist

nvidia-graphics-drivers-340
Launchpad, Ubuntu, Debian
bionic Ignored

focal Ignored

jammy Not vulnerable
(superseded)
kinetic Not vulnerable
(superseded)
lunar Not vulnerable
(superseded)
trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Ignored

mantic Not vulnerable
(superseded)
nvidia-graphics-drivers-340-updates
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(superseded)
focal Does not exist

jammy Does not exist

kinetic Does not exist

lunar Does not exist

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Not vulnerable
(superseded)
mantic Does not exist

nvidia-graphics-drivers-352
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(superseded)
focal Does not exist

jammy Does not exist

kinetic Does not exist

lunar Does not exist

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Not vulnerable
(superseded)
mantic Does not exist

nvidia-graphics-drivers-352-updates
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(superseded)
focal Does not exist

jammy Does not exist

kinetic Does not exist

lunar Does not exist

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Not vulnerable
(superseded)
mantic Does not exist

nvidia-graphics-drivers-361
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(superseded)
focal Does not exist

jammy Does not exist

kinetic Does not exist

lunar Does not exist

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Not vulnerable
(superseded)
mantic Does not exist

nvidia-graphics-drivers-367
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(superseded)
focal Does not exist

jammy Does not exist

kinetic Does not exist

lunar Does not exist

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Not vulnerable
(superseded)
mantic Does not exist

nvidia-graphics-drivers-375
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(superseded)
focal Does not exist

jammy Does not exist

kinetic Does not exist

lunar Does not exist

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Not vulnerable
(superseded)
mantic Does not exist

nvidia-graphics-drivers-384
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(superseded)
focal Does not exist

jammy Does not exist

kinetic Does not exist

lunar Does not exist

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Needs triage

mantic Does not exist

nvidia-graphics-drivers-390
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(vGPU manager only)
focal Not vulnerable
(vGPU manager only)
jammy Not vulnerable
(vGPU manager only)
kinetic Not vulnerable
(vGPU manager only)
lunar Not vulnerable
(vGPU manager only)
trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Does not exist

mantic Does not exist

nvidia-graphics-drivers-418-server
Launchpad, Ubuntu, Debian
bionic Ignored

focal Ignored

jammy Ignored

kinetic Does not exist

lunar Does not exist

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Does not exist

mantic Does not exist

nvidia-graphics-drivers-430
Launchpad, Ubuntu, Debian
bionic Ignored

focal Ignored

jammy Ignored

kinetic Ignored

lunar Ignored

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Does not exist

mantic Ignored

nvidia-graphics-drivers-435
Launchpad, Ubuntu, Debian
bionic Ignored

focal Ignored

jammy Ignored

kinetic Ignored

lunar Ignored

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Does not exist

mantic Ignored

nvidia-graphics-drivers-440
Launchpad, Ubuntu, Debian
bionic Ignored

focal Ignored

jammy Ignored

kinetic Ignored

lunar Ignored

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Does not exist

mantic Ignored

nvidia-graphics-drivers-440-server
Launchpad, Ubuntu, Debian
bionic Ignored

focal Ignored

jammy Ignored

kinetic Ignored

lunar Ignored

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Does not exist

mantic Does not exist

nvidia-graphics-drivers-450
Launchpad, Ubuntu, Debian
bionic Ignored

focal Ignored

jammy Ignored

kinetic Ignored

lunar Ignored

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Does not exist

mantic Ignored

nvidia-graphics-drivers-450-server
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(vGPU manager only)
focal Not vulnerable
(vGPU manager only)
jammy Not vulnerable
(vGPU manager only)
kinetic Not vulnerable
(vGPU manager only)
lunar Not vulnerable
(vGPU manager only)
trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Does not exist

mantic Does not exist

nvidia-graphics-drivers-455
Launchpad, Ubuntu, Debian
bionic Ignored

focal Ignored

jammy Ignored

kinetic Ignored

lunar Ignored

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Does not exist

mantic Ignored

nvidia-graphics-drivers-460
Launchpad, Ubuntu, Debian
bionic Ignored

focal Ignored

jammy Ignored

kinetic Ignored

lunar Ignored

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Does not exist

mantic Ignored

nvidia-graphics-drivers-460-server
Launchpad, Ubuntu, Debian
bionic Ignored

focal Ignored

jammy Does not exist

kinetic Does not exist

lunar Does not exist

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Does not exist

mantic Does not exist

nvidia-graphics-drivers-470
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(vGPU manager only)
focal Not vulnerable
(vGPU manager only)
jammy Not vulnerable
(vGPU manager only)
kinetic Not vulnerable
(vGPU manager only)
lunar Not vulnerable
(vGPU manager only)
trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Does not exist

mantic Not vulnerable
(vGPU manager only)
nvidia-graphics-drivers-470-server
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(vGPU manager only)
focal Not vulnerable
(vGPU manager only)
jammy Not vulnerable
(vGPU manager only)
kinetic Not vulnerable
(vGPU manager only)
lunar Not vulnerable
(vGPU manager only)
trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Does not exist

mantic Not vulnerable
(vGPU manager only)
nvidia-graphics-drivers-495
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(superseded)
focal Not vulnerable
(superseded)
jammy Does not exist

kinetic Does not exist

lunar Does not exist

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Does not exist

mantic Does not exist

nvidia-graphics-drivers-510
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(vGPU manager only)
focal Not vulnerable
(vGPU manager only)
jammy Not vulnerable
(vGPU manager only)
kinetic Not vulnerable
(vGPU manager only)
lunar Not vulnerable
(vGPU manager only)
trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Does not exist

mantic Not vulnerable
(vGPU manager only)
nvidia-graphics-drivers-510-server
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(vGPU manager only)
focal Not vulnerable
(vGPU manager only)
jammy Not vulnerable
(vGPU manager only)
kinetic Not vulnerable
(vGPU manager only)
lunar Does not exist

trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Does not exist

mantic Does not exist

nvidia-graphics-drivers-515
Launchpad, Ubuntu, Debian
focal Not vulnerable
(vGPU manager only)
jammy Not vulnerable
(vGPU manager only)
kinetic Not vulnerable
(vGPU manager only)
lunar Not vulnerable
(vGPU manager only)
trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Does not exist

bionic Not vulnerable
(vGPU manager only)
mantic Not vulnerable
(vGPU manager only)
nvidia-graphics-drivers-515-server
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(vGPU manager only)
focal Not vulnerable
(vGPU manager only)
jammy Not vulnerable
(vGPU manager only)
kinetic Not vulnerable
(vGPU manager only)
lunar Not vulnerable
(vGPU manager only)
trusty Does not exist

upstream Not vulnerable
(vGPU manager only)
xenial Does not exist

mantic Not vulnerable
(vGPU manager only)

Severity score breakdown

Parameter Value
Base score 7.8
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality High
Integrity impact High
Availability impact High
Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H