CVE-2022-31609
Published: 5 August 2022
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it allows the guest VM to allocate resources for which the guest is not authorized. This vulnerability may lead to loss of data integrity and confidentiality, denial of service, or information disclosure.
Notes
Author | Note |
---|---|
sbeattie | affects vGPU manager only |
mdeslaur | some binary drivers are no longer support by NVidia, so they are marked as ignored here |
Priority
Status
Package | Release | Status |
---|---|---|
nvidia-graphics-drivers-304 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Ignored
|
|
nvidia-graphics-drivers-304-updates Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Not vulnerable
(superseded)
|
|
nvidia-graphics-drivers-340 Launchpad, Ubuntu, Debian |
bionic |
Ignored
|
focal |
Ignored
|
|
jammy |
Not vulnerable
(superseded)
|
|
kinetic |
Not vulnerable
(superseded)
|
|
lunar |
Not vulnerable
(superseded)
|
|
mantic |
Not vulnerable
(superseded)
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Ignored
|
|
nvidia-graphics-drivers-340-updates Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(superseded)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Not vulnerable
(superseded)
|
|
nvidia-graphics-drivers-352 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(superseded)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Not vulnerable
(superseded)
|
|
nvidia-graphics-drivers-352-updates Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(superseded)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Not vulnerable
(superseded)
|
|
nvidia-graphics-drivers-361 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(superseded)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Not vulnerable
(superseded)
|
|
nvidia-graphics-drivers-367 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(superseded)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Not vulnerable
(superseded)
|
|
nvidia-graphics-drivers-375 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(superseded)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Not vulnerable
(superseded)
|
|
nvidia-graphics-drivers-384 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(superseded)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Needs triage
|
|
nvidia-graphics-drivers-390 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(vGPU manager only)
|
focal |
Not vulnerable
(vGPU manager only)
|
|
jammy |
Not vulnerable
(vGPU manager only)
|
|
kinetic |
Not vulnerable
(vGPU manager only)
|
|
lunar |
Not vulnerable
(vGPU manager only)
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-418-server Launchpad, Ubuntu, Debian |
bionic |
Ignored
|
focal |
Ignored
|
|
jammy |
Ignored
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-430 Launchpad, Ubuntu, Debian |
bionic |
Ignored
|
focal |
Ignored
|
|
jammy |
Ignored
|
|
kinetic |
Ignored
|
|
lunar |
Ignored
|
|
mantic |
Ignored
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-435 Launchpad, Ubuntu, Debian |
bionic |
Ignored
|
focal |
Ignored
|
|
jammy |
Ignored
|
|
kinetic |
Ignored
|
|
lunar |
Ignored
|
|
mantic |
Ignored
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-440 Launchpad, Ubuntu, Debian |
bionic |
Ignored
|
focal |
Ignored
|
|
jammy |
Ignored
|
|
kinetic |
Ignored
|
|
lunar |
Ignored
|
|
mantic |
Ignored
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-440-server Launchpad, Ubuntu, Debian |
bionic |
Ignored
|
focal |
Ignored
|
|
jammy |
Ignored
|
|
kinetic |
Ignored
|
|
lunar |
Ignored
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-450 Launchpad, Ubuntu, Debian |
bionic |
Ignored
|
focal |
Ignored
|
|
jammy |
Ignored
|
|
kinetic |
Ignored
|
|
lunar |
Ignored
|
|
mantic |
Ignored
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-450-server Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(vGPU manager only)
|
focal |
Not vulnerable
(vGPU manager only)
|
|
jammy |
Not vulnerable
(vGPU manager only)
|
|
kinetic |
Not vulnerable
(vGPU manager only)
|
|
lunar |
Not vulnerable
(vGPU manager only)
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-455 Launchpad, Ubuntu, Debian |
bionic |
Ignored
|
focal |
Ignored
|
|
jammy |
Ignored
|
|
kinetic |
Ignored
|
|
lunar |
Ignored
|
|
mantic |
Ignored
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-460 Launchpad, Ubuntu, Debian |
bionic |
Ignored
|
focal |
Ignored
|
|
jammy |
Ignored
|
|
kinetic |
Ignored
|
|
lunar |
Ignored
|
|
mantic |
Ignored
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-460-server Launchpad, Ubuntu, Debian |
bionic |
Ignored
|
focal |
Ignored
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-470 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(vGPU manager only)
|
focal |
Not vulnerable
(vGPU manager only)
|
|
jammy |
Not vulnerable
(vGPU manager only)
|
|
kinetic |
Not vulnerable
(vGPU manager only)
|
|
lunar |
Not vulnerable
(vGPU manager only)
|
|
mantic |
Not vulnerable
(vGPU manager only)
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-470-server Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(vGPU manager only)
|
focal |
Not vulnerable
(vGPU manager only)
|
|
jammy |
Not vulnerable
(vGPU manager only)
|
|
kinetic |
Not vulnerable
(vGPU manager only)
|
|
lunar |
Not vulnerable
(vGPU manager only)
|
|
mantic |
Not vulnerable
(vGPU manager only)
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-495 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(superseded)
|
focal |
Not vulnerable
(superseded)
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-510 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(vGPU manager only)
|
focal |
Not vulnerable
(vGPU manager only)
|
|
jammy |
Not vulnerable
(vGPU manager only)
|
|
kinetic |
Not vulnerable
(vGPU manager only)
|
|
lunar |
Not vulnerable
(vGPU manager only)
|
|
mantic |
Not vulnerable
(vGPU manager only)
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-510-server Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(vGPU manager only)
|
focal |
Not vulnerable
(vGPU manager only)
|
|
jammy |
Not vulnerable
(vGPU manager only)
|
|
kinetic |
Not vulnerable
(vGPU manager only)
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-515 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(vGPU manager only)
|
focal |
Not vulnerable
(vGPU manager only)
|
|
jammy |
Not vulnerable
(vGPU manager only)
|
|
kinetic |
Not vulnerable
(vGPU manager only)
|
|
lunar |
Not vulnerable
(vGPU manager only)
|
|
mantic |
Not vulnerable
(vGPU manager only)
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-515-server Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(vGPU manager only)
|
focal |
Not vulnerable
(vGPU manager only)
|
|
jammy |
Not vulnerable
(vGPU manager only)
|
|
kinetic |
Not vulnerable
(vGPU manager only)
|
|
lunar |
Not vulnerable
(vGPU manager only)
|
|
mantic |
Not vulnerable
(vGPU manager only)
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(vGPU manager only)
|
|
xenial |
Does not exist
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 7.8 |
Attack vector | Local |
Attack complexity | Low |
Privileges required | Low |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |