Primary

Context

NVIDIA vGPU Software Information Disclosure Vulnerability in Virtual GPU Manager

Vulnerability

Patched

A vulnerability allowing information disclosure has been identified in NVIDIA vGPU software, specifically in the Virtual GPU Manager component. This issue arises because a guest virtual machine can access global GPU metrics that may be affected by activities in other virtual machines. The vulnerability is present in all versions of the vGPU software prior to and including vGPU 18.3, as well as in all versions prior to and including vGPU 16.10.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information, specifically global GPU metrics that may be influenced by other virtual machines' activities.

Remediation

Users can upgrade to vGPU 18.4 or vGPU 16.11, both of which include the necessary security update. For vGPU software updates, visit the NVIDIA Licensing Portal.

Added: Aug 2, 2025, 11:18 PM

Updated: Aug 2, 2025, 11:18 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

NVIDIA vGPU Software Information Disclosure Vulnerability in Virtual GPU Manager

Vulnerability

Impact

Remediation

Affected Products

NVIDIA Virtual GPU Manager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating