CVE-2021-1118

CWE-250CWE-269Improper Privilege ManagementCWE-8335 documents5 sources
Severity
7.8HIGH
EPSS
0.1%
top 70.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nvidia Virtual GPUNvidia Nvidia Virtual GPU Software
Timeline
PublishedOct 29
Latest updateMay 24

Description

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to execute privileged operations by the guest OS, which may lead to information disclosure, data tampering, escalation of privileges, and denial of service

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5nvidia/nvidia_virtual_gpu_softwarevGPU version 13.x (prior to 13.1), 12.x (prior to 12.4), version 11.x (prior to 11.6) and version 8.x (prior 8.9).
NVDnvidia/virtual_gpu8.08.9+3

🔴Vulnerability Details

2
GHSA
GHSA-753r-rggq-c233: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to execute privileged operations2022-05-24
CVEList
CVE-2021-1118: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to execute privileged operations2021-10-29
CVE-2021-1118 (HIGH CVSS 7.8) | NVIDIA vGPU software contains a vul | cvebase.io