PT-2021-13455 · Nvidia · Nvidia Vgpu Manager

Published

2021-01-08

Updated

2021-01-11

CVE-2021-1059

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions NVIDIA vGPU manager versions 8.x prior to 8.6 NVIDIA vGPU manager versions 11.0 prior to 11.3

Description The NVIDIA vGPU manager contains a vulnerability in the vGPU plugin where an input index is not validated, potentially leading to integer overflow. This could result in tampering of data, information disclosure, or denial of service.

Recommendations For versions 8.x prior to 8.6, update to version 8.6 or later. For versions 11.0 prior to 11.3, update to version 11.3 or later.

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

CVE-2021-1059

Affected Products

Nvidia Vgpu Manager

PT-2021-13455 · Nvidia · Nvidia Vgpu Manager

CVE-2021-1059

Weakness Enumeration

Related Identifiers

Affected Products

References · 4