CVE-2021-1119

Summary

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can double-free a pointer, which may lead to denial of service. This flaw may result in a write-what-where condition, allowing an attacker to execute arbitrary code impacting integrity and availability.

Affected Software

VendorProductVersion RangeStatus
NVIDIANVIDIA Virtual GPU SoftwarevGPU version 13.x (prior to 13.1), 12.x (prior to 12.4), version 11.x (prior to 11.6) and version 8.x (prior 8.9).affected

Weaknesses

  • CWE-415: CWE-415: Double Free

ADP Enrichment

CVE Program Container

Additional References

References