CVE-2022-31609

HIGH Year: 2022
CVSS v3 Score
7.8
High
Weakness Type
CWE-285
View all →

Vulnerability Description

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it allows the guest VM to allocate resources for which the guest is not authorized. This vulnerability may lead to loss of data integrity and confidentiality, denial of service, or information disclosure.

Related Vulnerabilities

CVE-2014-9945

HIGH
CVSS:7.8(High)

In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist.

CWE-2852014

CVE-2014-9950

HIGH
CVSS:7.8(High)

In Core Kernel in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist.

CWE-2852014

CVE-2016-7035

HIGH
CVSS:7.8(High)

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for ...

CWE-2852016

CVE-2016-8443

HIGH
CVSS:7.8(High)

Possible unauthorized memory access in the hypervisor. Incorrect configuration provides access to subsystem page tables. Product: Android. Versions: Kernel 3.18. Android ID: A-32576499. References: QC...

CWE-2852016

CVE-2018-10906

HIGH
CVSS:7.8(High)

In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_othe...

CWE-2852018

CVE-2018-13908

HIGH
CVSS:7.8(High)

Truncated access authentication token leads to weakened access control for stored secure application data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electroni...

CWE-2852018