CVE-2021-1063
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input offset is not validated, which may lead to a buffer overread, which in turn may cause tampering of data, information disclosure, or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).
El administrador de NVIDIA vGPU contiene una vulnerabilidad en el plugin vGPU, en la que un desplazamiento de la entrada no es comprobado, lo que puede conllevar a una lectura excesiva del búfer, que a su vez puede causar una alteración de los datos, divulgación de información o una denegación de servicio. Esto afecta a vGPU versiones 8.x (anteriores a 8.6) y versiones 11.0 (anteriores a 11.3)
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-11-12 CVE Reserved
- 2021-01-08 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5142 | 2021-01-11 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Nvidia Search vendor "Nvidia" | Virtual Gpu Manager Search vendor "Nvidia" for product "Virtual Gpu Manager" | >= 8.0 < 8.6 Search vendor "Nvidia" for product "Virtual Gpu Manager" and version " >= 8.0 < 8.6" | - |
Affected
| in | Citrix Search vendor "Citrix" | Hypervisor Search vendor "Citrix" for product "Hypervisor" | - | - |
Safe
|
| Nvidia Search vendor "Nvidia" | Virtual Gpu Manager Search vendor "Nvidia" for product "Virtual Gpu Manager" | >= 8.0 < 8.6 Search vendor "Nvidia" for product "Virtual Gpu Manager" and version " >= 8.0 < 8.6" | - |
Affected
| in | Nutanix Search vendor "Nutanix" | Ahv Search vendor "Nutanix" for product "Ahv" | - | - |
Safe
|
| Nvidia Search vendor "Nvidia" | Virtual Gpu Manager Search vendor "Nvidia" for product "Virtual Gpu Manager" | >= 8.0 < 8.6 Search vendor "Nvidia" for product "Virtual Gpu Manager" and version " >= 8.0 < 8.6" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Kernel-based Virtual Machine Search vendor "Redhat" for product "Enterprise Linux Kernel-based Virtual Machine" | - | - |
Safe
|
| Nvidia Search vendor "Nvidia" | Virtual Gpu Manager Search vendor "Nvidia" for product "Virtual Gpu Manager" | >= 8.0 < 8.6 Search vendor "Nvidia" for product "Virtual Gpu Manager" and version " >= 8.0 < 8.6" | - |
Affected
| in | Vmware Search vendor "Vmware" | Vsphere Search vendor "Vmware" for product "Vsphere" | - | - |
Safe
|
| Nvidia Search vendor "Nvidia" | Virtual Gpu Manager Search vendor "Nvidia" for product "Virtual Gpu Manager" | >= 11.0 < 11.3 Search vendor "Nvidia" for product "Virtual Gpu Manager" and version " >= 11.0 < 11.3" | - |
Affected
| in | Citrix Search vendor "Citrix" | Hypervisor Search vendor "Citrix" for product "Hypervisor" | - | - |
Safe
|
| Nvidia Search vendor "Nvidia" | Virtual Gpu Manager Search vendor "Nvidia" for product "Virtual Gpu Manager" | >= 11.0 < 11.3 Search vendor "Nvidia" for product "Virtual Gpu Manager" and version " >= 11.0 < 11.3" | - |
Affected
| in | Nutanix Search vendor "Nutanix" | Ahv Search vendor "Nutanix" for product "Ahv" | - | - |
Safe
|
| Nvidia Search vendor "Nvidia" | Virtual Gpu Manager Search vendor "Nvidia" for product "Virtual Gpu Manager" | >= 11.0 < 11.3 Search vendor "Nvidia" for product "Virtual Gpu Manager" and version " >= 11.0 < 11.3" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Kernel-based Virtual Machine Search vendor "Redhat" for product "Enterprise Linux Kernel-based Virtual Machine" | - | - |
Safe
|
| Nvidia Search vendor "Nvidia" | Virtual Gpu Manager Search vendor "Nvidia" for product "Virtual Gpu Manager" | >= 11.0 < 11.3 Search vendor "Nvidia" for product "Virtual Gpu Manager" and version " >= 11.0 < 11.3" | - |
Affected
| in | Vmware Search vendor "Vmware" | Vsphere Search vendor "Vmware" for product "Vsphere" | - | - |
Safe
|