Nvidia Virtual Gpu Software vulnerabilities

CVE-2021-1120 [HIGH] CWE-170 CVE-2021-1120: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a stri NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a string provided by the guest OS may not be properly null terminated. The guest OS or attacker has no ability to push content to the plugin through this vulnerability, which may lead to information disclosure, data tampering, unauthorized code execution, and d

CVE-2021-1119 [HIGH] CWE-415 CVE-2021-1119: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can double-free a pointer, which may lead to denial of service. This flaw may result in a write-what-where condition, allowing an attacker to execute arbitrary code impacting integrity and availability.

CVE-2021-1118 [HIGH] CWE-250 CVE-2021-1118: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to execute privileged operations by the guest OS, which may lead to information disclosure, data tampering, escalation of privileges, and denial of service

CVE-2021-1123 [MEDIUM] CWE-667 CVE-2021-1123: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can deadlock, which may lead to denial of service.

CVE-2021-1122 [MEDIUM] CWE-476 CVE-2021-1122: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service.

CVE-2021-1121 [MEDIUM] CWE-770 CVE-2021-1121: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel driver, where a vGPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel driver, where a vGPU can cause resource starvation among other vGPUs hosted on the same GPU, which may lead to denial of service.

CVE-2021-1098 [HIGH] CWE-404 CVE-2021-1098: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it doe NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it doesn't release some resources during driver unload requests from guests. This flaw allows a malicious guest to perform operations by reusing those resources, which may lead to information disclosure, data tampering, or denial of service. This affects vGPU v

CVE-2021-1099 [HIGH] CWE-787 CVE-2021-1099: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) that could al NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) that could allow an attacker to cause stack-based buffer overflow and put a customized ROP gadget on the stack. Such an attack may lead to information disclosure, data tampering, or denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior

CVE-2021-1097 [HIGH] CWE-20 CVE-2021-1097: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it imp NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it improperly validates the length field in a request from a guest. This flaw allows a malicious guest to send a length field that is inconsistent with the actual length of the input, which may lead to information disclosure, data tampering, or denial of service

CVE-2021-1102 [MEDIUM] CWE-755 CVE-2021-1102: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can lead to floating point exceptions, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).

CVE-2021-1101 [MEDIUM] CWE-476 CVE-2021-1101: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).

CVE-2021-1100 [MEDIUM] CVE-2021-1100: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel mode driver (nvidia. NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel mode driver (nvidia.ko), in which a pointer to a user-space buffer is not validated before it is dereferenced, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).

CVE-2021-1103 [MEDIUM] CWE-476 CVE-2021-1103: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).

CVE-2021-1083 [HIGH] CWE-1284 CVE-2021-1083: NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU Manage NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x (prior to 12.2) and version 11.x (prior to 11.4).

CVE-2021-1081 [HIGH] CWE-1284 CVE-2021-1081: NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU manage NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior 8.7).

CVE-2021-1084 [HIGH] CWE-20 CVE-2021-1084: NVIDIA vGPU driver contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager NVIDIA vGPU driver contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data or denial of service. This affects vGPU version 12.x (prior to 12.2) and version 11.x (prior to 11.4).

CVE-2021-1085 [HIGH] CWE-20 CVE-2021-1085: NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to write to a shared memory location and manipulate the data after the data has been validated, which may lead to denial of service and escalation of privileges and information disclosure but attacker doesn't have control over what informati

CVE-2021-1086 [HIGH] CWE-863 CVE-2021-1086: NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin) where it allows NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin) where it allows guests to control unauthorized resources, which may lead to integrity and confidentiality loss or information disclosure. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior to 8.7).

CVE-2021-1080 [HIGH] CWE-20 CVE-2021-1080: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which cer NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which certain input data is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior 8.7).

CVE-2021-1082 [HIGH] CWE-1284 CVE-2021-1082: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which an NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior to 8.7)