CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2021-1087
https://notcve.org/view.php?id=CVE-2021-1087
29 Apr 2021 — NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin), which could allow an attacker to retrieve information that could lead to a Address Space Layout Randomization (ASLR) bypass. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior to 8.7). El controlador NVIDIA vGPU contiene una vulnerabilidad en Virtual GPU Manager (plugin vGPU), que podría permitir a un atacante recuperar información que podría conllevar a una omisión de Addre... • https://nvidia.custhelp.com/app/answers/detail/a_id/5172 •
CVSS: 7.3EPSS: 0%CPEs: 10EXPL: 0CVE-2021-1085
https://notcve.org/view.php?id=CVE-2021-1085
29 Apr 2021 — NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to write to a shared memory location and manipulate the data after the data has been validated, which may lead to denial of service and escalation of privileges and information disclosure but attacker doesn't have control over what information is obtained. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior to 8.7). El controlador NVIDIA vGPU cont... • https://nvidia.custhelp.com/app/answers/detail/a_id/5172 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-1084
https://notcve.org/view.php?id=CVE-2021-1084
29 Apr 2021 — NVIDIA vGPU driver contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data or denial of service. This affects vGPU version 12.x (prior to 12.2) and version 11.x (prior to 11.4). El controlador NVIDIA vGPU contiene una vulnerabilidad en el controlador del modo kernel invitado y Virtual GPU Manager (plugin vGPU), en el que la longitud de la entrada no es comprobada, lo... • https://nvidia.custhelp.com/app/answers/detail/a_id/5172 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-1083
https://notcve.org/view.php?id=CVE-2021-1083
29 Apr 2021 — NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x (prior to 12.2) and version 11.x (prior to 11.4). El software NVIDIA vGPU contiene una vulnerabilidad en el controlador del modo kernel invitado y el Virtual GPU Manager (plugin vGPU), en el que la longitud de la entrada no es comprobada,... • https://nvidia.custhelp.com/app/answers/detail/a_id/5172 • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2021-1081
https://notcve.org/view.php?id=CVE-2021-1081
29 Apr 2021 — NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior 8.7). El software NVIDIA vGPU contiene una vulnerabilidad en el controlador de modo de kernel invitado y el administrador de Virtual GPU (plugin vGPU), en el que la long... • https://nvidia.custhelp.com/app/answers/detail/a_id/5172 • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-1082
https://notcve.org/view.php?id=CVE-2021-1082
29 Apr 2021 — NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior to 8.7) El software NVIDIA vGPU contiene una vulnerabilidad en Virtual GPU Manager (plugin vGPU), en la que no es comprobada una longitud de la entrada, lo que puede conllevar a una divulgación de información, m... • https://nvidia.custhelp.com/app/answers/detail/a_id/5172 • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-1080
https://notcve.org/view.php?id=CVE-2021-1080
29 Apr 2021 — NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which certain input data is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior 8.7). El software NVIDIA vGPU contiene una vulnerabilidad en Virtual GPU Manager (plugin vGPU), en la que determinados datos de la entrada no se comprobaban, lo que puede conllevar a una divulgac... • https://nvidia.custhelp.com/app/answers/detail/a_id/5172 • CWE-20: Improper Input Validation •
CVSS: 3.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-20239 – kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure
https://notcve.org/view.php?id=CVE-2021-20239
16 Mar 2021 — A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentiality. Se encontró un fallo en el kernel de Linux en versiones anteriores a 5.4.92 en el protocolo BPF. Este fallo permite a un atacante con una cuenta local filtrar información sobre las direcciones internas del kernel. • https://bugzilla.redhat.com/show_bug.cgi?id=1923636 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-822: Untrusted Pointer Dereference •
CVSS: 6.4EPSS: 0%CPEs: 7EXPL: 0CVE-2021-20261 – Ubuntu Security Notice USN-4904-1
https://notcve.org/view.php?id=CVE-2021-20261
11 Mar 2021 — A race condition was found in the Linux kernels implementation of the floppy disk drive controller driver software. The impact of this issue is lessened by the fact that the default permissions on the floppy device (/dev/fd0) are restricted to root. If the permissions on the device have changed the impact changes greatly. In the default configuration root (or equivalent) permissions are required to attack this flaw. Se encontró una condición de carrera en la implementación del kernel de Linux del software m... • https://bugzilla.redhat.com/show_bug.cgi?id=1932150 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 2CVE-2021-3411 – Ubuntu Security Notice USN-4912-1
https://notcve.org/view.php?id=CVE-2021-3411
09 Mar 2021 — A flaw was found in the Linux kernel in versions prior to 5.10. A violation of memory access was found while detecting a padding of int3 in the linking state. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en el kernel de Linux en versiones anteriores a 5.10. Se encontró una violación del acceso a la memoria al detectar un relleno de int3 en el estado de enlace. • http://blog.pi3.com.pl/?p=831 • CWE-94: Improper Control of Generation of Code ('Code Injection') •