- Description
- NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which a race condition may cause the vGPU plugin to continue using a previously validated resource that has since changed, which may lead to denial of service or information disclosure. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).
- Source
- psirt@nvidia.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 6.3
- Impact score
- 5.2
- Exploitability score
- 1
- Vector string
- CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 3.3
- Impact score
- 4.9
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:P/I:N/A:P
- nvd@nist.gov
- CWE-362
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0DA97A67-954D-4736-8E12-4297A2800942",
"versionEndExcluding": "8.6",
"versionStartIncluding": "8.0"
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6394FDD5-DFFC-4F30-AD8B-BECF8889E829",
"versionEndExcluding": "11.3",
"versionStartIncluding": "11.0"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F7AE5C32-E060-44BA-8C13-3D73204191EE"
},
{
"criteria": "cpe:2.3:o:nutanix:ahv:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A64905FE-AC41-4804-9F9F-0B24E7323590"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "06C8B1C5-6401-45F9-8D3E-47E32067F428"
},
{
"criteria": "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]