CVE-2021-1119

CWE-4154 documents4 sources
Severity
7.1HIGH
EPSS
0.0%
top 85.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nvidia Virtual GPUNvidia Nvidia Virtual GPU Software
Timeline
PublishedOct 29
Latest updateMay 24

Description

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can double-free a pointer, which may lead to denial of service. This flaw may result in a write-what-where condition, allowing an attacker to execute arbitrary code impacting integrity and availability.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages2 packages

CVEListV5nvidia/nvidia_virtual_gpu_softwarevGPU version 13.x (prior to 13.1), 12.x (prior to 12.4), version 11.x (prior to 11.6) and version 8.x (prior 8.9).
NVDnvidia/virtual_gpu8.08.9+3

🔴Vulnerability Details

2
GHSA
GHSA-vx72-c8cv-7pvq: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can double-free a pointer, which may lead to denial o2022-05-24
CVEList
CVE-2021-1119: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can double-free a pointer, which may lead to denial o2021-10-29

🕵️Threat Intelligence

1
Talos
Vulnerability Spotlight: DoS vulnerability in ATIKMDAG.SYS AMD graphics driver2020-10-07
CVE-2021-1119 (HIGH CVSS 7.1) | NVIDIA vGPU software contains a vul | cvebase.io