CVE-2021-1060

CWE-20Improper Input Validation3 documents3 sources
Severity
7.1HIGH
EPSS
0.1%
top 84.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nvidia Virtual GPU ManagerNvidia Nvidia Virtual GPU Software
Timeline
PublishedJan 8
Latest updateMay 24

Description

NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input index is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages2 packages

CVEListV5nvidia/nvidia_virtual_gpu_softwareVersion 8.x (prior to 8.6) and version 11.0 (prior to 11.3)
NVDnvidia/virtual_gpu_manager8.08.6+1

🔴Vulnerability Details

2
GHSA
GHSA-fg3h-xxgq-pq9h: NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input index is not validated, which may lea2022-05-24
CVEList
CVE-2021-1060: NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input index is not validated, which may lea2021-01-08
CVE-2021-1060 (HIGH CVSS 7.1) | NVIDIA vGPU software contains a vul | cvebase.io