Overview
- Description
- NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.
- Source
- psirt@nvidia.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.1
- Impact score
- 5.2
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 3.6
- Impact score
- 4.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-415
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5EC11059-6D80-4B57-A707-63E18EDA14C6",
"versionEndExcluding": "8.5",
"versionStartIncluding": "8.0"
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8800EEF9-04A5-4854-A138-F322F54353F0",
"versionEndExcluding": "10.4",
"versionStartIncluding": "10.0"
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu_manager:11.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "94272D9F-BBAE-4FA2-8E3C-315FD40A752F"
}
],
"operator": "OR"
}
]
}
]