PT-2021-13481 · Nvidia · Nvidia Gpu Driver
Published
2021-04-29
·
Updated
2021-05-28
·
CVE-2021-1085
CVSS v3.1
7.3
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
NVIDIA vGPU driver versions 8.x through 8.6
NVIDIA vGPU driver versions 11.x through 11.3
NVIDIA vGPU driver versions 12.x through 12.1
Description
The NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to write to a shared memory location and manipulate the data after the data has been validated. This may lead to denial of service, escalation of privileges, and information disclosure. However, the attacker does not have control over what information is obtained.
Recommendations
For versions 8.x through 8.6, update to version 8.7 or later.
For versions 11.x through 11.3, update to version 11.4 or later.
For versions 12.x through 12.1, update to version 12.2 or later.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nvidia Gpu Driver