PT-2021-13460 · Nvidia · Nvidia Vgpu Manager

Published

2021-01-08

Updated

2021-01-11

CVE-2021-1064

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions NVIDIA vGPU manager versions 8.x prior to 8.6 NVIDIA vGPU manager versions 11.0 prior to 11.3

Description The NVIDIA vGPU manager contains a vulnerability in the vGPU plugin. This vulnerability occurs when the plugin obtains a value from an untrusted source, converts this value to a pointer, and then dereferences the resulting pointer. This action may lead to information disclosure or denial of service.

Recommendations For versions 8.x prior to 8.6, update to version 8.6 or later. For versions 11.0 prior to 11.3, update to version 11.3 or later.

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

CVE-2021-1064

Affected Products

Nvidia Vgpu Manager

PT-2021-13460 · Nvidia · Nvidia Vgpu Manager

CVE-2021-1064

Weakness Enumeration

Related Identifiers

Affected Products

References · 5