- Description
- NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it allows the guest VM to allocate resources for which the guest is not authorized. This vulnerability may lead to loss of data integrity and confidentiality, denial of service, or information disclosure.
- Source
- psirt@nvidia.com
- NVD status
- Modified
CVSS 3.1
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- psirt@nvidia.com
- CWE-285
- nvd@nist.gov
- NVD-CWE-Other
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "45F338C5-245D-4D10-9B48-B56B7094F167",
"versionEndExcluding": "11.8",
"versionStartIncluding": "11.0"
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "98C8F13F-2F8F-4BAE-B971-582084B93D58",
"versionEndExcluding": "13.3",
"versionStartIncluding": "13.0"
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:14.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3CB2F728-3BFD-418D-AC29-A4165D1E7CA6"
},
{
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:14.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F3C0C0B2-C4DC-4DB8-BD80-D6082FD1248B"
}
],
"operator": "OR"
}
]
}
]