CVE-2021-1081

NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior 8.7).
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*
OR cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:nutanix:ahv:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*
cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*
OR cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*
cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:43

Type Values Removed Values Added
References () https://nvidia.custhelp.com/app/answers/detail/a_id/5172 - Vendor Advisory () https://nvidia.custhelp.com/app/answers/detail/a_id/5172 - Vendor Advisory

08 Aug 2023, 14:21

Type Values Removed Values Added
CWE CWE-20 CWE-1284

Information

Published : 2021-04-29 19:15

Updated : 2024-11-21 05:43


NVD link : CVE-2021-1081

Mitre link : CVE-2021-1081

CVE.ORG link : CVE-2021-1081


JSON object : View

Products Affected

nvidia

  • virtual_gpu_manager

citrix

  • hypervisor

vmware

  • vsphere

linux

  • linux_kernel

redhat

  • enterprise_linux_kernel-based_virtual_machine

microsoft

  • windows

nutanix

  • ahv
CWE
CWE-1284

Improper Validation of Specified Quantity in Input