CVE-2021-1066

NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not validated, which may lead to unexpected consumption of resources, which in turn may lead to denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvidiaCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
VendorProductVersion
nvidiavirtual_gpu_manager
8.0 ≤
𝑥
< 8.6
nvidiavirtual_gpu_manager
11.0 ≤
𝑥
< 11.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://nvidia.custhelp.com/app/answers/detail/a_id/5142
https://nvidia.custhelp.com/app/answers/detail/a_id/5142