First published: Fri Jan 08 2021(Updated: )
NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not validated, which may lead to unexpected consumption of resources, which in turn may lead to denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).
Credit: psirt@nvidia.com
Affected Software | Affected Version | How to fix |
---|---|---|
NVIDIA Virtual GPU Manager | >=8.0<8.6 | |
NVIDIA Virtual GPU Manager | >=11.0<11.3 | |
Citrix Hypervisor | ||
Nutanix Ahv | ||
Redhat Enterprise Linux Kernel-based Virtual Machine | ||
VMware vSphere |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-1066 is a vulnerability in the NVIDIA vGPU manager vGPU plugin that allows input data to be unvalidated, leading to resource consumption and potential denial of service attacks.
CVE-2021-1066 affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).
CVE-2021-1066 has a severity rating of 5.5, which is considered medium.
CVE-2021-1066 can be exploited by sending unvalidated input data to the vGPU plugin, causing resource consumption and potential denial of service attacks.
No, Citrix Hypervisor is not vulnerable to CVE-2021-1066.