NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which a race condition may cause the vGPU plugin to continue using a previously validated resource that has since changed, which may lead to denial of service or information disclosure. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).
References
| Link | Resource |
|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5142 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
11 Jan 2021, 20:53
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : 3.3
v3 : 6.3 |
| References | (CONFIRM) https://nvidia.custhelp.com/app/answers/detail/a_id/5142 - Vendor Advisory | |
| CPE | cpe:2.3:o:nutanix:ahv:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:* cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:* cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:* cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:* |
|
| CWE | CWE-362 |
08 Jan 2021, 15:47
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2021-01-08 15:15
Updated : 2023-12-10 13:41
NVD link : CVE-2021-1061
Mitre link : CVE-2021-1061
CVE.ORG link : CVE-2021-1061
JSON object : View
Products Affected
redhat
- enterprise_linux_kernel-based_virtual_machine
nutanix
- ahv
nvidia
- virtual_gpu_manager
citrix
- hypervisor
vmware
- vsphere
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')