CVE-2021-1103

CWE-476 — NULL Pointer Dereference3 documents3 sources

Severity

4.4MEDIUM

EPSS

0.0%

top 86.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia Virtual GPU Nvidia Nvidia Virtual GPU Software

Timeline

PublishedJul 21

Latest updateMay 24

Description

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:HExploitability: 0.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5nvidia/nvidia_virtual_gpu_softwarevGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).

▶NVDnvidia/virtual_gpu8.0 — 8.8+2

Patches

Patch: nvidia.custhelp.com ↗Patch: nvidia.custhelp.com ↗

🔴Vulnerability Details

GHSA

GHSA-q8p8-w3c9-67g5: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to den↗2022-05-24

▶

CVEList

CVE-2021-1103: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to den↗2021-07-21

▶