CVE-2023-31016: CVE
First published: Thu Nov 02 2023(Updated: )
NVIDIA GPU Display Driver for Windows contains a vulnerability where an uncontrolled search path element may allow an attacker to execute arbitrary code, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.
Credit: psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NVIDIA Virtual GPU | <13.9 | |
| NVIDIA Virtual GPU | >=14.0<15.4 | |
| NVIDIA Virtual GPU | >=16.0<16.2 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-31016?
CVE-2023-31016 is a vulnerability in the NVIDIA GPU Display Driver for Windows that allows an attacker to execute arbitrary code and can lead to various security issues.
How severe is CVE-2023-31016?
CVE-2023-31016 has a severity score of 7.3 (high).
What is the affected software?
The affected software is NVIDIA Virtual GPU with versions up to 13.9, versions between 14.0 and 15.4 (exclusive), and versions between 16.0 and 16.2 (exclusive).
How can CVE-2023-31016 be exploited?
CVE-2023-31016 can be exploited by an attacker by manipulating the search path element, allowing them to execute arbitrary code.
How can I fix CVE-2023-31016?
To fix CVE-2023-31016, it is recommended to update the NVIDIA GPU Display Driver for Windows to the latest version available from NVIDIA.
- collector/nvd-api
- agent/author
- agent/severity
- agent/references
- agent/title
- agent/weakness
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/nvidia
- canonical/nvidia virtual gpu
- version/nvidia virtual gpu/14.0
- version/nvidia virtual gpu/16.0
- vendor/microsoft
- canonical/microsoft windows