CVE-2023-31020: CVE
First published: Thu Nov 02 2023(Updated: )
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause improper access control, which may lead to denial of service or data tampering.
Credit: psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NVIDIA Virtual GPU | <13.9 | |
| NVIDIA Virtual GPU | >=14.0<15.4 | |
| NVIDIA Virtual GPU | >=16.0<16.2 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-31020?
CVE-2023-31020 is a vulnerability in the NVIDIA GPU Display Driver for Windows that allows an unprivileged regular user to cause improper access control, leading to denial of service or data tampering.
What software is affected by CVE-2023-31020?
NVIDIA Virtual GPU versions up to 13.9, versions between 14.0 to 15.4, and versions between 16.0 to 16.2 are affected by CVE-2023-31020.
What is the severity of CVE-2023-31020?
The severity of CVE-2023-31020 is rated as high with a CVSS score of 7.1.
How can this vulnerability be exploited?
An unprivileged regular user can exploit CVE-2023-31020 by causing improper access control in the NVIDIA GPU Display Driver for Windows.
Is there a fix available for CVE-2023-31020?
Yes, it is recommended to update the NVIDIA Virtual GPU software to the latest version to mitigate the vulnerability.
- collector/nvd-api
- agent/severity
- agent/references
- agent/weakness
- agent/title
- agent/author
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- agent/description
- collector/mitre-cve
- source/MITRE
- vendor/nvidia
- canonical/nvidia virtual gpu
- version/nvidia virtual gpu/14.0
- version/nvidia virtual gpu/16.0
- vendor/microsoft
- canonical/microsoft windows