PT-2021-13459 · Nvidia · Nvidia Vgpu Manager

Published

2021-01-08

Updated

2021-01-11

CVE-2021-1063

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions NVIDIA vGPU manager versions 8.x prior to 8.6 NVIDIA vGPU manager versions 11.0 prior to 11.3

Description The NVIDIA vGPU manager contains a vulnerability in the vGPU plugin where an input offset is not validated, potentially leading to a buffer overread. This could result in tampering of data, information disclosure, or denial of service.

Recommendations For versions 8.x prior to 8.6, update to version 8.6 or later to resolve the issue. For versions 11.0 prior to 11.3, update to version 11.3 or later to resolve the issue.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2021-1063

Affected Products

Nvidia Vgpu Manager

PT-2021-13459 · Nvidia · Nvidia Vgpu Manager

CVE-2021-1063

Weakness Enumeration

Related Identifiers

Affected Products

References · 5