Vulnerabilities > Nvidia > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-22 | CVE-2021-1090 | Classic Buffer Overflow vulnerability in Nvidia GPU Display Driver NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for control calls where the software reads or writes to a buffer by using an index or pointer that references a memory location after the end of the buffer, which may lead to data tampering or denial of service. | 7.1 |
| 2021-07-22 | CVE-2021-1091 | Link Following vulnerability in Nvidia GPU Display Driver NVIDIA GPU Display driver for Windows contains a vulnerability where an unprivileged user can create a file hard link that causes the driver to overwrite a file that requires elevated privilege to modify, which could lead to data loss or denial of service. | 7.1 |
| 2021-07-22 | CVE-2021-1092 | Link Following vulnerability in Nvidia GPU Display Driver NVIDIA GPU Display Driver for Windows contains a vulnerability in the NVIDIA Control Panel application where it is susceptible to a Windows file system symbolic link attack where an unprivileged attacker can cause the applications to overwrite privileged files, resulting in potential denial of service or data loss. | 7.1 |
| 2021-07-21 | CVE-2021-1097 | Improper Input Validation vulnerability in Nvidia Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it improperly validates the length field in a request from a guest. | 7.8 |
| 2021-07-21 | CVE-2021-1098 | Improper Resource Shutdown or Release vulnerability in Nvidia Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it doesn't release some resources during driver unload requests from guests. | 7.8 |
| 2021-07-21 | CVE-2021-1099 | Out-of-bounds Write vulnerability in Nvidia Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) that could allow an attacker to cause stack-based buffer overflow and put a customized ROP gadget on the stack. | 7.8 |
| 2021-06-30 | CVE-2021-34380 | Out-of-bounds Write vulnerability in Nvidia Jetson Linux Bootloader contains a vulnerability in NVIDIA MB2 where potential heap overflow might cause corruption of the heap metadata, which might lead to arbitrary code execution, denial of service, and information disclosure during secure boot. | 7.8 |
| 2021-06-30 | CVE-2021-34381 | Integer Overflow or Wraparound vulnerability in Nvidia Jetson Linux Trusty TLK contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow on the size parameter of the tz_map_shared_mem function, which might lead to denial of service, information disclosure, or data tampering. | 7.8 |
| 2021-06-30 | CVE-2021-34382 | Integer Overflow or Wraparound vulnerability in Nvidia Jetson Linux Trusty TLK contains a vulnerability in the NVIDIA TLK kernel’s tz_map_shared_mem function where an integer overflow on the size parameter causes the request buffer and the logging buffer to overflow, allowing writes to arbitrary addresses within the kernel. | 7.8 |
| 2021-06-30 | CVE-2021-34384 | Out-of-bounds Write vulnerability in Nvidia Jetson Linux Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow could cause memory corruption, which might lead to denial of service or code execution. | 7.8 |