Home > Vulnerability Database > CVE-2022-28192

Mend.io Vulnerability Database

CVE-2022-28192

Date: May 17, 2022

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where it may lead to a use-after-free, which in turn may cause denial of service. This attack is complex to carry out because the attacker needs to have control over freeing some host side resources out of sequence, which requires elevated privileges.

Severity Score

4.1

Related Resources (5)

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-28192

Url: https://nvidia.custhelp.com/app/answers/detail/a_id/5353

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2022-28192

Url: https://security-tracker.debian.org/tracker/CVE-2022-28192

Url: https://www.mend.io/vulnerability-database/CVE-2022-28192

Severity Score

4.1

Weakness Type (CWE)

Use After Free

CWE-416

CVSS v3.1

Base Score:	4.1
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	HIGH
Privileges Required (PR):	HIGH
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

CVSS v2

Base Score:	1.9
Access Vector (AV):	LOCAL
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2022-28192

Date: May 17, 2022

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?