Upstream information
Description
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which local pointer variables are not initialized and may be freed later, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having moderate severity.
| National Vulnerability Database | |
|---|---|
| Base Score | 3.6 |
| Vector | AV:L/AC:L/Au:N/C:N/I:P/A:P |
| Access Vector | Local |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | None |
| Integrity Impact | Partial |
| Availability Impact | Partial |
| National Vulnerability Database | |
|---|---|
| Base Score | 7.1 |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
| Attack Vector | Local |
| Attack Complexity | Low |
| Privileges Required | Low |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality Impact | None |
| Integrity Impact | High |
| Availability Impact | High |
| CVSSv3 Version | 3.1 |
SUSE Timeline for this CVE
CVE page created: Wed Jul 1 07:59:04 2020CVE page last modified: Wed Oct 26 22:19:15 2022
Run SAP
SUSE for Public Cloud
Security
