CVE-2025-23246

NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it allows a guest to consume uncontrolled resources. A successful exploit of this vulnerability might lead to denial of service.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://nvidia.custhelp.com/app/answers/detail/a_id/5630

Configurations

No configuration.

History

02 May 2025, 13:52

Type	Values Removed	Values Added
Summary		(es) El software NVIDIA vGPU para Windows y Linux contiene una vulnerabilidad en el Administrador de GPU Virtual (complemento vGPU), que permite que un invitado consuma recursos sin control. Una explotación exitosa de esta vulnerabilidad podría provocar una denegación de servicio.

01 May 2025, 15:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-01 15:16

Updated : 2025-05-02 13:52

NVD link : CVE-2025-23246

Mitre link : CVE-2025-23246

CVE.ORG link : CVE-2025-23246

JSON object : View

Products Affected

No product.

CWE

CWE-400

Uncontrolled Resource Consumption

5.5 /10