Nvidia Virtual Gpu vulnerabilities

CVE-2022-28191 [MEDIUM] CWE-400 CVE-2022-28191: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where uncontro NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where uncontrolled resource consumption can be triggered by an unprivileged regular user, which may lead to denial of service.

CVE-2022-21816 [MEDIUM] CWE-284 CVE-2022-21816: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a user i NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a user in the guest OS can cause a GPU interrupt storm on the hypervisor host, leading to a denial of service.

CVE-2021-1120 [HIGH] CWE-170 CVE-2021-1120: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a stri NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a string provided by the guest OS may not be properly null terminated. The guest OS or attacker has no ability to push content to the plugin through this vulnerability, which may lead to information disclosure, data tampering, unauthorized code execution, and d

CVE-2021-1118 [HIGH] CWE-250 CVE-2021-1118: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to execute privileged operations by the guest OS, which may lead to information disclosure, data tampering, escalation of privileges, and denial of service

CVE-2021-1119 [HIGH] CWE-415 CVE-2021-1119: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can double-free a pointer, which may lead to denial of service. This flaw may result in a write-what-where condition, allowing an attacker to execute arbitrary code impacting integrity and availability.

CVE-2021-1123 [MEDIUM] CWE-667 CVE-2021-1123: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can deadlock, which may lead to denial of service.

CVE-2021-1122 [MEDIUM] CWE-476 CVE-2021-1122: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service.

CVE-2021-1121 [MEDIUM] CWE-770 CVE-2021-1121: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel driver, where a vGPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel driver, where a vGPU can cause resource starvation among other vGPUs hosted on the same GPU, which may lead to denial of service.

CVE-2021-1098 [HIGH] CWE-404 CVE-2021-1098: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it doe NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it doesn't release some resources during driver unload requests from guests. This flaw allows a malicious guest to perform operations by reusing those resources, which may lead to information disclosure, data tampering, or denial of service. This affects vGPU v

CVE-2021-1099 [HIGH] CWE-787 CVE-2021-1099: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) that could al NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) that could allow an attacker to cause stack-based buffer overflow and put a customized ROP gadget on the stack. Such an attack may lead to information disclosure, data tampering, or denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior

CVE-2021-1097 [HIGH] CWE-20 CVE-2021-1097: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it imp NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it improperly validates the length field in a request from a guest. This flaw allows a malicious guest to send a length field that is inconsistent with the actual length of the input, which may lead to information disclosure, data tampering, or denial of service

CVE-2021-1101 [MEDIUM] CWE-476 CVE-2021-1101: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).

CVE-2021-1100 [MEDIUM] CVE-2021-1100: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel mode driver (nvidia. NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel mode driver (nvidia.ko), in which a pointer to a user-space buffer is not validated before it is dereferenced, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).

CVE-2021-1102 [MEDIUM] CWE-755 CVE-2021-1102: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can lead to floating point exceptions, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).

CVE-2021-1103 [MEDIUM] CWE-476 CVE-2021-1103: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).

CVE-2020-5973 [MEDIUM] CVE-2020-5973: NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which th NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which there is the potential to execute privileged operations, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).