CVE-2021-1119
7.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can double-free a pointer, which may lead to denial of service. This flaw may result in a write-what-where condition, allowing an attacker to execute arbitrary code impacting integrity and availability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| NVIDIA | NVIDIA Virtual GPU Software | vGPU version 13.x (prior to 13.1), 12.x (prior to 12.4), version 11.x (prior to 11.6) and version 8.x (prior 8.9). | affected |
Weaknesses
- CWE-415: CWE-415: Double Free
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.