Description

NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin), which could allow an attacker to retrieve information that could lead to a Address Space Layout Randomization (ASLR) bypass. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior to 8.7).

Related CPE's

a

nvidia

virtual_gpu_manager

3

o

citrix

hypervisor

2

o

nutanix

ahv

-

o

redhat

enterprise_linux_kernel-based_virtual_machine

2

o

vmware

vsphere

2

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5172

Vendor Advisory

Weaknesses

[email protected]

Primary
NVD-CWE-noinfo

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.5 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-04-29T19:15:09.137

4 years ago

Last modified

2022-06-28T14:11:45.273

3 years ago