CVE-2023-31019: CVE
First published: Thu Nov 02 2023(Updated: )
NVIDIA GPU Display Driver for Windows contains a vulnerability in wksServicePlugin.dll, where the driver implementation does not restrict or incorrectly restricts access from the named pipe server to a connecting client, which may lead to potential impersonation to the client's secure context.
Credit: psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NVIDIA Virtual GPU | <13.9 | |
| NVIDIA Virtual GPU | >=14.0<15.4 | |
| NVIDIA Virtual GPU | >=16.0<16.2 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this NVIDIA GPU Display Driver vulnerability?
The vulnerability ID for this NVIDIA GPU Display Driver vulnerability is CVE-2023-31019.
What is the affected software for this vulnerability?
The affected software for this vulnerability is NVIDIA Virtual GPU and Microsoft Windows.
What is the severity rating of vulnerability CVE-2023-31019?
The severity rating of vulnerability CVE-2023-31019 is 7.8 (high).
What is the description of vulnerability CVE-2023-31019?
Vulnerability CVE-2023-31019 is a vulnerability in NVIDIA GPU Display Driver for Windows that allows potential impersonation to the client's secure context.
How can I fix vulnerability CVE-2023-31019?
To fix vulnerability CVE-2023-31019, apply the relevant security patches provided by NVIDIA and Microsoft.
- collector/nvd-api
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/title
- agent/tags
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/nvidia
- canonical/nvidia virtual gpu
- version/nvidia virtual gpu/14.0
- version/nvidia virtual gpu/16.0
- vendor/microsoft
- canonical/microsoft windows