CVE-2022-31618

Published: 5 August 2022

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a null pointer, which may lead to denial of service.

Notes

Author	Note
sbeattie	affects cGPU manager only
mdeslaur	some binary drivers are no longer support by NVidia, so they are marked as ignored here

Priority

Cvss 3 Severity Score

5.5

Score breakdown

Status

Package	Release	Status
nvidia Launchpad, Ubuntu, Debian	upstream	Not vulnerable (vGPU manager only)
nvidia-graphics-drivers-304 Launchpad, Ubuntu, Debian	bionic	Does not exist
	focal	Does not exist
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Ignored
	mantic	Does not exist
nvidia-graphics-drivers-304-updates Launchpad, Ubuntu, Debian	bionic	Does not exist
	focal	Does not exist
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Not vulnerable (superseded)
	mantic	Does not exist
nvidia-graphics-drivers-340 Launchpad, Ubuntu, Debian	bionic	Ignored
	focal	Ignored
	jammy	Not vulnerable (superseded)
	kinetic	Not vulnerable (superseded)
	lunar	Not vulnerable (superseded)
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Ignored
	mantic	Not vulnerable (superseded)
nvidia-graphics-drivers-340-updates Launchpad, Ubuntu, Debian	bionic	Not vulnerable (superseded)
	focal	Does not exist
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Not vulnerable (superseded)
	mantic	Does not exist
nvidia-graphics-drivers-352 Launchpad, Ubuntu, Debian	bionic	Not vulnerable (superseded)
	focal	Does not exist
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Not vulnerable (superseded)
	mantic	Does not exist
nvidia-graphics-drivers-352-updates Launchpad, Ubuntu, Debian	bionic	Not vulnerable (superseded)
	focal	Does not exist
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Not vulnerable (superseded)
	mantic	Does not exist
nvidia-graphics-drivers-361 Launchpad, Ubuntu, Debian	bionic	Not vulnerable (superseded)
	focal	Does not exist
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Not vulnerable (superseded)
	mantic	Does not exist
nvidia-graphics-drivers-367 Launchpad, Ubuntu, Debian	bionic	Not vulnerable (superseded)
	focal	Does not exist
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Not vulnerable (superseded)
	mantic	Does not exist
nvidia-graphics-drivers-375 Launchpad, Ubuntu, Debian	bionic	Not vulnerable (superseded)
	focal	Does not exist
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Not vulnerable (superseded)
	mantic	Does not exist
nvidia-graphics-drivers-384 Launchpad, Ubuntu, Debian	bionic	Not vulnerable (superseded)
	focal	Does not exist
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Needs triage
	mantic	Does not exist
nvidia-graphics-drivers-390 Launchpad, Ubuntu, Debian	bionic	Not vulnerable (vGPU manager only)
	focal	Not vulnerable (vGPU manager only)
	jammy	Not vulnerable (vGPU manager only)
	kinetic	Not vulnerable (vGPU manager only)
	lunar	Not vulnerable (vGPU manager only)
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Does not exist
	mantic	Does not exist
nvidia-graphics-drivers-418-server Launchpad, Ubuntu, Debian	bionic	Ignored
	focal	Ignored
	jammy	Ignored
	kinetic	Does not exist
	lunar	Does not exist
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Does not exist
	mantic	Does not exist
nvidia-graphics-drivers-430 Launchpad, Ubuntu, Debian	bionic	Ignored
	focal	Ignored
	jammy	Ignored
	kinetic	Ignored
	lunar	Ignored
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Does not exist
	mantic	Ignored
nvidia-graphics-drivers-435 Launchpad, Ubuntu, Debian	bionic	Ignored
	focal	Ignored
	jammy	Ignored
	kinetic	Ignored
	lunar	Ignored
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Does not exist
	mantic	Ignored
nvidia-graphics-drivers-440 Launchpad, Ubuntu, Debian	bionic	Ignored
	focal	Ignored
	jammy	Ignored
	kinetic	Ignored
	lunar	Ignored
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Does not exist
	mantic	Ignored
nvidia-graphics-drivers-440-server Launchpad, Ubuntu, Debian	bionic	Ignored
	focal	Ignored
	jammy	Ignored
	kinetic	Ignored
	lunar	Ignored
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Does not exist
	mantic	Does not exist
nvidia-graphics-drivers-450 Launchpad, Ubuntu, Debian	bionic	Ignored
	focal	Ignored
	jammy	Ignored
	kinetic	Ignored
	lunar	Ignored
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Does not exist
	mantic	Ignored
nvidia-graphics-drivers-450-server Launchpad, Ubuntu, Debian	bionic	Not vulnerable (vGPU manager only)
	focal	Not vulnerable (vGPU manager only)
	jammy	Not vulnerable (vGPU manager only)
	kinetic	Not vulnerable (vGPU manager only)
	lunar	Not vulnerable (vGPU manager only)
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Does not exist
	mantic	Does not exist
nvidia-graphics-drivers-455 Launchpad, Ubuntu, Debian	bionic	Ignored
	focal	Ignored
	jammy	Ignored
	kinetic	Ignored
	lunar	Ignored
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Does not exist
	mantic	Ignored
nvidia-graphics-drivers-460 Launchpad, Ubuntu, Debian	bionic	Ignored
	focal	Ignored
	jammy	Ignored
	kinetic	Ignored
	lunar	Ignored
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Does not exist
	mantic	Ignored
nvidia-graphics-drivers-460-server Launchpad, Ubuntu, Debian	bionic	Ignored
	focal	Ignored
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Does not exist
	mantic	Does not exist
nvidia-graphics-drivers-470 Launchpad, Ubuntu, Debian	bionic	Not vulnerable (vGPU manager only)
	focal	Not vulnerable (vGPU manager only)
	jammy	Not vulnerable (vGPU manager only)
	kinetic	Not vulnerable (vGPU manager only)
	lunar	Not vulnerable (vGPU manager only)
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Does not exist
	mantic	Not vulnerable (vGPU manager only)
nvidia-graphics-drivers-470-server Launchpad, Ubuntu, Debian	bionic	Not vulnerable (vGPU manager only)
	focal	Not vulnerable (vGPU manager only)
	jammy	Not vulnerable (vGPU manager only)
	kinetic	Not vulnerable (vGPU manager only)
	lunar	Not vulnerable (vGPU manager only)
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Does not exist
	mantic	Not vulnerable (vGPU manager only)
nvidia-graphics-drivers-495 Launchpad, Ubuntu, Debian	bionic	Not vulnerable (superseded)
	focal	Not vulnerable (superseded)
	jammy	Does not exist
	lunar	Does not exist
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Does not exist
	kinetic	Does not exist
	mantic	Does not exist
nvidia-graphics-drivers-510 Launchpad, Ubuntu, Debian	bionic	Not vulnerable (vGPU manager only)
	focal	Not vulnerable (vGPU manager only)
	jammy	Not vulnerable (vGPU manager only)
	kinetic	Not vulnerable (vGPU manager only)
	lunar	Not vulnerable (vGPU manager only)
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Does not exist
	mantic	Not vulnerable (vGPU manager only)
nvidia-graphics-drivers-510-server Launchpad, Ubuntu, Debian	bionic	Not vulnerable (vGPU manager only)
	focal	Not vulnerable (vGPU manager only)
	jammy	Not vulnerable (vGPU manager only)
	kinetic	Not vulnerable (vGPU manager only)
	lunar	Does not exist
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Does not exist
	mantic	Does not exist
nvidia-graphics-drivers-515 Launchpad, Ubuntu, Debian	focal	Not vulnerable (vGPU manager only)
	jammy	Not vulnerable (vGPU manager only)
	kinetic	Not vulnerable (vGPU manager only)
	lunar	Not vulnerable (vGPU manager only)
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Does not exist
	bionic	Not vulnerable (vGPU manager only)
	mantic	Not vulnerable (vGPU manager only)
nvidia-graphics-drivers-515-server Launchpad, Ubuntu, Debian	bionic	Not vulnerable (vGPU manager only)
	focal	Not vulnerable (vGPU manager only)
	jammy	Not vulnerable (vGPU manager only)
	kinetic	Not vulnerable (vGPU manager only)
	lunar	Not vulnerable (vGPU manager only)
	trusty	Does not exist
	upstream	Not vulnerable (vGPU manager only)
	xenial	Does not exist
	mantic	Not vulnerable (vGPU manager only)

Severity score breakdown

Parameter	Value
Base score	5.5
Attack vector	Local
Attack complexity	Low
Privileges required	Low
User interaction	None
Scope	Unchanged
Confidentiality	None
Integrity impact	None
Availability impact	High
Vector	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›