PT-2021-13483 · Nvidia · Nvidia Gpu Driver

Published

2021-04-29

Updated

2021-05-07

CVE-2021-1087

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions NVIDIA vGPU driver versions prior to 12.2 NVIDIA vGPU driver versions prior to 11.4 NVIDIA vGPU driver versions prior to 8.7

Description The NVIDIA vGPU driver contains an issue in the Virtual GPU Manager (vGPU plugin) that could allow an attacker to retrieve information, potentially leading to an Address Space Layout Randomization (ASLR) bypass. ASLR is a security feature that randomizes the location of key data areas in memory to prevent attackers from predicting where their target code will be loaded.

Recommendations For versions prior to 12.2, update to version 12.2 or later. For versions prior to 11.4, update to version 11.4 or later. For versions prior to 8.7, update to version 8.7 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-1087

Affected Products

Nvidia Gpu Driver

PT-2021-13483 · Nvidia · Nvidia Gpu Driver

CVE-2021-1087

Related Identifiers

Affected Products

References · 3