Skip to main content

Virtual Gpu Manager CVE-2019-5696

MEDIUM
Incorrect Calculation of Buffer Size (CWE-131)
2019-11-09 psirt@nvidia.com
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Nov 09, 2019 - 02:15 nvd
MEDIUM 5.5

DescriptionNVD

NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which the provision of an incorrectly sized buffer by a guest VM leads to GPU out-of-bound access, which may lead to a denial of service.

AnalysisAI

NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which the provision of an incorrectly sized buffer by a guest VM leads to GPU out-of-bound access, which may lead to a denial of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-131. NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which the provision of an incorrectly sized buffer by a guest VM leads to GPU out-of-bound access, which may lead to a denial of service. Affected products include: Nvidia Virtual Gpu Manager.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2021-1084 HIGH
7.8 Apr 29

NVIDIA vGPU driver contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in wh

CVE-2021-1083 HIGH
7.8 Apr 29

NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in

CVE-2021-1082 HIGH
7.8 Apr 29

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which an input length is not

CVE-2021-1081 HIGH
7.8 Apr 29

NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU manager (vGPU plugin), in

CVE-2021-1080 HIGH
7.8 Apr 29

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which certain input data is n

CVE-2021-1063 HIGH
7.8 Jan 08

NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input offset is not validated, which may le

CVE-2021-1059 HIGH
7.8 Jan 08

NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input index is not validated, which may lea

CVE-2021-1057 HIGH
7.8 Jan 08

NVIDIA Virtual GPU Manager NVIDIA vGPU manager contains a vulnerability in the vGPU plugin in which it allows guests to

CVE-2020-5987 HIGH
7.8 Oct 02

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writabl

CVE-2020-5984 HIGH
7.8 Oct 02

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerabi

CVE-2020-5981 HIGH
7.8 Oct 02

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX11 user mode driver (nvwgf2um/x.

CVE-2020-5980 HIGH
7.8 Oct 02

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in multiple components in which a securely loa

Share

CVE-2019-5696 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy