CVE-2022-42262

HIGH7.8EPSS 0.12%

Published: 12/30/2022Modified: 4/28/2026

Description

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service.

Affected packages (6)

Debian/nvidia-graphics-driversfrom 0, < 470.161.03-1
Debian/nvidia-graphics-drivers-teslafrom 0, < 510.108.03-1
Debian/nvidia-graphics-drivers-tesla-418from 0
Debian/nvidia-graphics-drivers-tesla-450from 0, < 450.216.04-1~deb11u1
Debian/nvidia-graphics-drivers-tesla-460from 0, < 460.106.00-3
Debian/nvidia-graphics-drivers-tesla-470from 0, < 470.161.03-1~deb11u1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.8	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2022-42262