CVE-2020-5973
Last modified
CVE-2020-5973 is a medium-severity vulnerability rated 4.4/10 on the CVSS scale. NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which there is the potential to execute privileged operations, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).. EPSS estimates a 0.40% chance of exploitation in the next 30 days.
Description
NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which there is the potential to execute privileged operations, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).
Metrics
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Nvidia | Virtual Gpu | >= 8.0, <= 8.3 |
| Nvidia | Virtual Gpu | >= 9.0, <= 9.3 |
| Nvidia | Virtual Gpu | >= 10.0, <= 10.2 |
| Canonical | Ubuntu Linux | 18.04 |
| Canonical | Ubuntu Linux | 19.10 |
| Canonical | Ubuntu Linux | 20.04 |
References
- https://nvidia.custhelp.com/app/answers/detail/a_id/5031Vendor Advisory
- https://usn.ubuntu.com/4404-1/Third Party Advisory
- https://usn.ubuntu.com/4404-2/Third Party Advisory
- https://nvidia.custhelp.com/app/answers/detail/a_id/5031Vendor Advisory
- https://usn.ubuntu.com/4404-1/Third Party Advisory
- https://usn.ubuntu.com/4404-2/Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-5973?
How severe is CVE-2020-5973?
How do I fix CVE-2020-5973?
Are you affected by CVE-2020-5973?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST