Nvidia Virtual Gpu Manager vulnerabilities

CVE-2021-1084 [HIGH] CWE-20 CVE-2021-1084: NVIDIA vGPU driver contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager NVIDIA vGPU driver contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data or denial of service. This affects vGPU version 12.x (prior to 12.2) and version 11.x (prior to 11.4).

CVE-2021-1087 [MEDIUM] CVE-2021-1087: NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin), which could al NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin), which could allow an attacker to retrieve information that could lead to a Address Space Layout Randomization (ASLR) bypass. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior to 8.7).

CVE-2021-1060 [HIGH] CWE-20 CVE-2021-1060: NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in wh NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input index is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).

CVE-2021-1058 [HIGH] CWE-1284 CVE-2021-1058: NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in wh NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input data size is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).

CVE-2021-1065 [HIGH] CWE-20 CVE-2021-1065: NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not validate NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).

CVE-2021-1064 [HIGH] CWE-476 CVE-2021-1064: NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which it obtains a value from an NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which it obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).

CVE-2021-1063 [HIGH] CWE-125 CVE-2021-1063: NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input offset is not val NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input offset is not validated, which may lead to a buffer overread, which in turn may cause tampering of data, information disclosure, or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).

CVE-2021-1062 [HIGH] CWE-1284 CVE-2021-1062: NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input data length is no NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).

CVE-2021-1057 [HIGH] CWE-770 CVE-2021-1057: NVIDIA Virtual GPU Manager NVIDIA vGPU manager contains a vulnerability in the vGPU plugin in which NVIDIA Virtual GPU Manager NVIDIA vGPU manager contains a vulnerability in the vGPU plugin in which it allows guests to allocate some resources for which the guest is not authorized, which may lead to integrity and confidentiality loss, denial of service, or information disclosure. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 1

CVE-2021-1059 [HIGH] CWE-190 CVE-2021-1059: NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input index is not vali NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input index is not validated, which may lead to integer overflow, which in turn may cause tampering of data, information disclosure, or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).

CVE-2021-1061 [MEDIUM] CWE-362 CVE-2021-1061: NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which a race condition may cause NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which a race condition may cause the vGPU plugin to continue using a previously validated resource that has since changed, which may lead to denial of service or information disclosure. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).

CVE-2021-1066 [MEDIUM] CWE-20 CVE-2021-1066: NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not validate NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not validated, which may lead to unexpected consumption of resources, which in turn may lead to denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).

CVE-2020-5987 [HIGH] CWE-459 CVE-2020-5987: NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied param NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writable by the guest after the plugin has validated them, which may lead to the guest being able to pass invalid parameters to plugin handlers, which may lead to denial of service or escalation of privileges. This affects vGPU version 8.x (p

CVE-2020-5988 [HIGH] CWE-415 CVE-2020-5988: NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory ca NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

CVE-2020-5983 [HIGH] CWE-787 CVE-2020-5983: NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin and the host driver kernel mo NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin and the host driver kernel module, in which the potential exists to write to a memory location that is outside the intended boundary of the frame buffer memory allocated to guest operating systems, which may lead to denial of service or information disclosure. This affects vGPU versi

CVE-2020-5985 [HIGH] CWE-20 CVE-2020-5985: NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data lengt NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

CVE-2020-5984 [HIGH] CWE-416 CVE-2020-5984: NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use- NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerability while freeing some resources, which may lead to denial of service, code execution, and information disclosure. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

CVE-2020-5986 [MEDIUM] CWE-20 CVE-2020-5986: NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

CVE-2020-5989 [MEDIUM] CWE-476 CVE-2020-5989: NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it can dereference NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

CVE-2020-5970 [HIGH] CWE-20 CVE-2020-5970: NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).