admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

NVIDIA-vGPU Driver-Sept-2020

Browse Source 
NVIDIA-vGPU Driver-Sept-2020
This commit is contained in:
PSIRT-NVIDIA 2020-10-02 16:01:42 -05:00
parent d3f8a4a417
commit 99b8215014
7 changed files with 427 additions and 119 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
2020/5xxx/CVE-2020-5983.json
View File

@ -4,14 +4,58 @@
"data_version" : "4.0", "data_version" : "4.0",
"CVE_data_meta" : { "CVE_data_meta" : {
"ID" : "CVE-2020-5983", "ID" : "CVE-2020-5983",
"ASSIGNER": "cve@mitre.org", "ASSIGNER" : "psirt@nvidia.com",
"STATE": "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "NVIDIA",
"product" : {
"product_data" : [
{
"product_name" : "NVIDIA vGPU Software",
"version" : {
"version_data" : [
{
"version_value" : "vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0."
}
]
}
}
]
}
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "denial of service or information disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5075",
"url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5075"
}
]
}, },
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin and the host driver kernel module, in which the potential exists to write to a memory location that is outside the intended boundary of the frame buffer memory allocated to guest operating systems, which may lead to denial of service or information disclosure. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0."
} }
] ]
} }

50
2020/5xxx/CVE-2020-5984.json
View File

@ -4,14 +4,58 @@
"data_version" : "4.0", "data_version" : "4.0",
"CVE_data_meta" : { "CVE_data_meta" : {
"ID" : "CVE-2020-5984", "ID" : "CVE-2020-5984",
"ASSIGNER": "cve@mitre.org", "ASSIGNER" : "psirt@nvidia.com",
"STATE": "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "NVIDIA",
"product" : {
"product_data" : [
{
"product_name" : "NVIDIA vGPU Software",
"version" : {
"version_data" : [
{
"version_value" : "vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0"
}
]
}
}
]
}
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "denial of service, code execution, and information disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5075",
"url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5075"
}
]
}, },
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : " NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerability while freeing some resources, which may lead to denial of service, code execution, and information disclosure. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0."
} }
] ]
} }

50
2020/5xxx/CVE-2020-5985.json
View File

@ -4,14 +4,58 @@
"data_version" : "4.0", "data_version" : "4.0",
"CVE_data_meta" : { "CVE_data_meta" : {
"ID" : "CVE-2020-5985", "ID" : "CVE-2020-5985",
"ASSIGNER": "cve@mitre.org", "ASSIGNER" : "psirt@nvidia.com",
"STATE": "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "NVIDIA",
"product" : {
"product_data" : [
{
"product_name" : "NVIDIA vGPU Software",
"version" : {
"version_data" : [
{
"version_value" : "vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0."
}
]
}
}
]
}
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "denial of service"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5075",
"url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5075"
}
]
}, },
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0."
} }
] ]
} }

50
2020/5xxx/CVE-2020-5986.json
View File

@ -4,14 +4,58 @@
"data_version" : "4.0", "data_version" : "4.0",
"CVE_data_meta" : { "CVE_data_meta" : {
"ID" : "CVE-2020-5986", "ID" : "CVE-2020-5986",
"ASSIGNER": "cve@mitre.org", "ASSIGNER" : "psirt@nvidia.com",
"STATE": "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "NVIDIA",
"product" : {
"product_data" : [
{
"product_name" : "NVIDIA vGPU Software",
"version" : {
"version_data" : [
{
"version_value" : "vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0."
}
]
}
}
]
}
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "denial of service"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5075",
"url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5075"
}
]
}, },
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0."
} }
] ]
} }

50
2020/5xxx/CVE-2020-5987.json
View File

@ -4,14 +4,58 @@
"data_version" : "4.0", "data_version" : "4.0",
"CVE_data_meta" : { "CVE_data_meta" : {
"ID" : "CVE-2020-5987", "ID" : "CVE-2020-5987",
"ASSIGNER": "cve@mitre.org", "ASSIGNER" : "psirt@nvidia.com",
"STATE": "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "NVIDIA",
"product" : {
"product_data" : [
{
"product_name" : "NVIDIA vGPU Software",
"version" : {
"version_data" : [
{
"version_value" : "vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0."
}
]
}
}
]
}
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "denial of service or escalation of privileges"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5075",
"url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5075"
}
]
}, },
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writable by the guest after the plugin has validated them, which may lead to the guest being able to pass invalid parameters to plugin handlers, which may lead to denial of service or escalation of privileges. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0."
} }
] ]
} }

50
2020/5xxx/CVE-2020-5988.json
View File

@ -4,14 +4,58 @@
"data_version" : "4.0", "data_version" : "4.0",
"CVE_data_meta" : { "CVE_data_meta" : {
"ID" : "CVE-2020-5988", "ID" : "CVE-2020-5988",
"ASSIGNER": "cve@mitre.org", "ASSIGNER" : "psirt@nvidia.com",
"STATE": "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "NVIDIA",
"product" : {
"product_data" : [
{
"product_name" : "NVIDIA vGPU Software",
"version" : {
"version_data" : [
{
"version_value" : "vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0."
}
]
}
}
]
}
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "denial of service or information disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5075",
"url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5075"
}
]
}, },
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0."
} }
] ]
} }

50
2020/5xxx/CVE-2020-5989.json
View File

@ -4,14 +4,58 @@
"data_version" : "4.0", "data_version" : "4.0",
"CVE_data_meta" : { "CVE_data_meta" : {
"ID" : "CVE-2020-5989", "ID" : "CVE-2020-5989",
"ASSIGNER": "cve@mitre.org", "ASSIGNER" : "psirt@nvidia.com",
"STATE": "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "NVIDIA",
"product" : {
"product_data" : [
{
"product_name" : "NVIDIA vGPU Software",
"version" : {
"version_data" : [
{
"version_value" : "vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0."
}
]
}
}
]
}
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "denial of service"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5075",
"url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5075"
}
]
}, },
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0."
} }
] ]
} }