Vulnerabilities > CVE-2021-1064 - NULL Pointer Dereference vulnerability in Nvidia Virtual GPU Manager

047910
CVSS 7.1 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
nvidia
CWE-476
NVD
Published: 2021-01-08
Updated: 2021-01-11

Summary

NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which it obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).

Vulnerable Configurations

Part Description Count
Application
Nvidia
9
OS
Citrix
1
OS
Nutanix
1
OS
Redhat
1
OS
Vmware
1

Common Weakness Enumeration (CWE)

References