CVE-2021-1061

CWE-362Race Condition3 documents3 sources
Severity
6.3MEDIUM
EPSS
0.0%
top 87.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nvidia Virtual GPU ManagerNvidia Nvidia Virtual GPU Manager
Timeline
PublishedJan 8
Latest updateMay 24

Description

NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which a race condition may cause the vGPU plugin to continue using a previously validated resource that has since changed, which may lead to denial of service or information disclosure. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.0 | Impact: 5.2

Affected Packages2 packages

NVDnvidia/virtual_gpu_manager8.08.6+1
CVEListV5nvidia/nvidia_virtual_gpu_managerVersion 8.x (prior to 8.6) and version 11.0 (prior to 11.3)

🔴Vulnerability Details

2
GHSA
GHSA-g8gv-6qwm-g2m8: NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which a race condition may cause the vGPU plugin to continue using a previously va2022-05-24
CVEList
CVE-2021-1061: NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which a race condition may cause the vGPU plugin to continue using a previously va2021-01-08
CVE-2021-1061 (MEDIUM CVSS 6.3) | NVIDIA vGPU manager contains a vuln | cvebase.io