Overview
- Description
- NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it validates a shared resource before using it, creating a race condition which may lead to denial of service or information disclosure. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).
- Source
- psirt@nvidia.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.3
- Impact score
- 5.2
- Exploitability score
- 1
- Vector string
- CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 3.3
- Impact score
- 4.9
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:P/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-362
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E66CAA6B-83F7-4698-B4DC-9AC954AF12BF",
"versionEndIncluding": "8.3",
"versionStartIncluding": "8.0"
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "250712C8-C625-4752-ADCB-2BEF561CA150",
"versionEndIncluding": "9.3",
"versionStartIncluding": "9.0"
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2FD33583-A96D-46C4-B6A9-0C5465206887",
"versionEndIncluding": "10.2",
"versionStartIncluding": "10.0"
}
],
"operator": "OR"
}
]
}
]