6.3
CVE-2021-1061
- EPSS 0.04%
- Published 08.01.2021 15:15:12
- Last modified 21.11.2024 05:43:31
- Source psirt@nvidia.com
- Teams watchlist Login
- Open Login
NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which a race condition may cause the vGPU plugin to continue using a previously validated resource that has since changed, which may lead to denial of service or information disclosure. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).
Data is provided by the National Vulnerability Database (NVD)
Nvidia ≫ Virtual Gpu Manager Version >= 8.0 < 8.6
Citrix ≫ Hypervisor Version-
Nutanix ≫ Ahv Version-
Redhat ≫ Enterprise Linux Kernel-based Virtual Machine Version-
VMware ≫ Vsphere Version-
Nutanix ≫ Ahv Version-
Redhat ≫ Enterprise Linux Kernel-based Virtual Machine Version-
VMware ≫ Vsphere Version-
Nvidia ≫ Virtual Gpu Manager Version >= 11.0 < 11.3
Citrix ≫ Hypervisor Version-
Nutanix ≫ Ahv Version-
Redhat ≫ Enterprise Linux Kernel-based Virtual Machine Version-
VMware ≫ Vsphere Version-
Nutanix ≫ Ahv Version-
Redhat ≫ Enterprise Linux Kernel-based Virtual Machine Version-
VMware ≫ Vsphere Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.094 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.3 | 1 | 5.2 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
|
| nvd@nist.gov | 3.3 | 3.4 | 4.9 |
AV:L/AC:M/Au:N/C:P/I:N/A:P
|
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.