製品・ソフトウェアに関する情報

Vulnerability Search

ベンダー検索

Product/Service Search

JVN Vulnerability Search Top

->

JVN脆弱性詳細

NVIDIA Virtual GPU Manager における不正な認証に関する脆弱性

Title	NVIDIA Virtual GPU Manager における不正な認証に関する脆弱性
Summary	NVIDIA Virtual GPU Manager には、不正な認証に関する脆弱性が存在します。
Possible impacts	情報を取得される、および情報を改ざんされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	April 19, 2021, midnight
Registration Date	Jan. 5, 2022, 4:43 p.m.
Last Update	Jan. 5, 2022, 4:43 p.m.

CVSS3.0 : 重要
Score	7.1
Vector	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CVSS2.0 : 注意
Score	3.6
Vector	AV:L/AC:L/Au:N/C:P/I:P/A:N

Affected System

NVIDIA

Virtual GPU Manager 11.4 未満の 11.x

Virtual GPU Manager 12.2 未満の 12.x

Virtual GPU Manager 8.7 未満の 8.x

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2021-1086	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1086
National Vulnerability Database (NVD)
2	CVE-2021-1086	https://nvd.nist.gov/vuln/detail/CVE-2021-1086

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-863	https://cwe.mitre.org/data/definitions/863.html

ベンダー情報

No	Name	URL
NVIDIA SUPPORT
1	Security Bulletin: NVIDIA GPU Display Driver - April 2021	https://nvidia.custhelp.com/app/answers/detail/a_id/5172

Change Log

No	Changed Details	Date of change
1	[2022年01月05日] 掲載	Jan. 5, 2022, 4:43 p.m.

NVD Vulnerability Information

CVE-2021-1086

Summary	NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin) where it allows guests to control unauthorized resources, which may lead to integrity and confidentiality loss or information disclosure. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior to 8.7).
Publication Date	April 30, 2021, 4:15 a.m.
Registration Date	April 30, 2021, 10:04 a.m.
Last Update	Nov. 21, 2024, 2:43 p.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:nvidia:virtual_gpu_manager::::::::		8.0			8.7
execution environment
1	cpe:2.3:o:citrix:hypervisor:-:::::::*
2	cpe:2.3:o:nutanix:ahv:-:::::::*
3	cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:::::::*
4	cpe:2.3:o:vmware:vsphere:-:::::::*

Configuration2		or higher	or less	more than	less than
cpe:2.3:a:nvidia:virtual_gpu_manager::::::::		11.0			11.4
cpe:2.3:a:nvidia:virtual_gpu_manager::::::::		12.0			12.2
execution environment
1	cpe:2.3:o:citrix:hypervisor:-:::::::*
2	cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:::::::*
3	cpe:2.3:o:vmware:vsphere:-:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	https://nvidia.custhelp.com/app/answers/detail/a_id/5172		Vendor Advisory
2	https://nvidia.custhelp.com/app/answers/detail/a_id/5172		Vendor Advisory

Common Vulnerabilities List