Vulnerabilities > CVE-2021-1058 - Improper Validation of Specified Quantity in Input vulnerability in Nvidia Virtual GPU Manager

047910
CVSS 7.1 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
nvidia
CWE-1284
NVD
Published: 2021-01-08
Updated: 2023-08-08

Summary

NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input data size is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).

Vulnerable Configurations

Part Description Count
Application
Nvidia
9
OS
Citrix
1
OS
Linux
1
OS
Microsoft
1
OS
Nutanix
1
OS
Redhat
1
OS
Vmware
1

Common Weakness Enumeration (CWE)

References