NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) where it may double-free some resources. An attacker may exploit this vulnerability with other vulnerabilities to cause denial of service, code execution, and information disclosure.
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Virtual_gpu | Nvidia | 11.0 (including) | 11.8 (excluding) |
Virtual_gpu | Nvidia | 13.0 (including) | 13.3 (excluding) |
Virtual_gpu | Nvidia | 14.0 (including) | 14.0 (including) |
Virtual_gpu | Nvidia | 14.1 (including) | 14.1 (including) |