Primary

Context

NVIDIA vGPU Software Use-After-Free Vulnerability in Virtual GPU Manager Allowing Privilege Escalation and Code Execution

Vulnerability

Patched

A use-after-free vulnerability has been identified in NVIDIA vGPU software, specifically within the Virtual GPU Manager component. This vulnerability allows a malicious guest to access heap memory after it has been freed, potentially leading to unauthorized code execution, privilege escalation, data tampering, denial of service, or information disclosure. The issue affects several different versions and branches of the vGPU software.

Impact

Exploitation of this vulnerability could result in unauthorized code execution, escalation of privileges, data tampering, denial of service, or information disclosure.

Remediation

Users can download the updated version of the vGPU software through the NVIDIA Licensing Portal. Instructions for updating can be found on the NVIDIA Product Security page.

Added: Jan 28, 2026, 6:33 PM

Updated: Jan 28, 2026, 6:33 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

2.3

remediation

7.7

relevance

2.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

2.3

remediation

7.7

relevance

2.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

NVIDIA vGPU Software Use-After-Free Vulnerability in Virtual GPU Manager Allowing Privilege Escalation and Code Execution

Vulnerability

Impact

Remediation

Affected Products

NVIDIA Virtual GPU Manager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating