NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which certain input data is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior 8.7).
References
| Link | Resource |
|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5172 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
History
07 May 2021, 20:48
| Type | Values Removed | Values Added |
|---|---|---|
| References | (CONFIRM) https://nvidia.custhelp.com/app/answers/detail/a_id/5172 - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 7.8 |
| CPE | cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:* cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:* cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:* cpe:2.3:o:nutanix:ahv:-:*:*:*:*:*:*:* |
|
| CWE | CWE-20 |
29 Apr 2021, 19:35
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2021-04-29 19:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-1080
Mitre link : CVE-2021-1080
CVE.ORG link : CVE-2021-1080
JSON object : View
Products Affected
redhat
- enterprise_linux_kernel-based_virtual_machine
citrix
- hypervisor
vmware
- vsphere
nvidia
- virtual_gpu_manager
nutanix
- ahv
CWE
CWE-20
Improper Input Validation