CVE-2020-5963

EUVD-2020-27117
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
Affected Products (NVD)
VendorProductVersion
nvidiaquadro_firmware
390 ≤
𝑥
< 390.138
nvidiaquadro_firmware
440 ≤
𝑥
< 440.100
nvidiaquadro_firmware
450 ≤
𝑥
< 450.51
nvidiatesla_firmware
418 ≤
𝑥
< 418.152.00
nvidiatesla_firmware
440 ≤
𝑥
< 440.95.01
nvidiatesla_firmware
450 ≤
𝑥
< 450.51.05
nvidiageforce_firmware
390 ≤
𝑥
< 390.138
nvidiageforce_firmware
440 ≤
𝑥
< 440.100
nvidiageforce_firmware
450 ≤
𝑥
< 450.51
nvidianvs_firmware
390 ≤
𝑥
< 390.138
nvidianvs_firmware
440 ≤
𝑥
< 440.100
nvidianvs_firmware
450 ≤
𝑥
< 450.51
canonicalubuntu_linux
18.04
canonicalubuntu_linux
19.10
canonicalubuntu_linux
20.04
nvidiaquadro_firmware
390 ≤
𝑥
< 392.61
nvidiaquadro_firmware
418 ≤
𝑥
< 426.78
nvidiaquadro_firmware
440 ≤
𝑥
< 443.18
nvidiaquadro_firmware
450 ≤
𝑥
< 451.48
nvidiatesla_firmware
418 ≤
𝑥
< 426.78
nvidiatesla_firmware
440 ≤
𝑥
< 443.18
nvidiageforce_firmware
450 ≤
𝑥
< 451.48
nvidianvs_firmware
390 ≤
𝑥
< 392.61
nvidianvs_firmware
418 ≤
𝑥
< 426.78
nvidianvs_firmware
440 ≤
𝑥
< 443.18
nvidianvs_firmware
450 ≤
𝑥
< 451.48
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
nvidia-graphics-drivers
bookworm/non-free-firmware
535.183.01-1~deb12u1
fixed
bullseye/non-free
470.256.02-2
fixed
buster
ignored
jessie
no-dsa
sid/non-free-firmware
535.183.06-2
fixed
stretch
no-dsa
trixie/non-free-firmware
535.183.06-2
fixed
nvidia-graphics-drivers-legacy-340xx
buster
ignored
jessie
no-dsa
sid/non-free
vulnerable
stretch
no-dsa
nvidia-graphics-drivers-legacy-390xx
bullseye/non-free
390.157-1~deb11u1
fixed
buster
ignored
jessie
no-dsa
sid/non-free
390.157-9
fixed
stretch
no-dsa
nvidia-graphics-drivers-tesla-418
bullseye/non-free
418.226.00-6~deb11u2
fixed
buster
ignored
jessie
no-dsa
sid/non-free
418.226.00-16
fixed
stretch
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
nvidia-graphics-drivers-390
bionic
Fixed 390.138-0ubuntu0.18.04.1
released
eoan
Fixed 390.138-0ubuntu0.19.10.1
released
focal
Fixed 390.138-0ubuntu0.20.04.1
released
trusty
dne
xenial
dne
nvidia-graphics-drivers-440
bionic
Fixed 440.100-0ubuntu0.18.04.1
released
eoan
Fixed 440.100-0ubuntu0.19.10.1
released
focal
Fixed 440.100-0ubuntu0.20.04.1
released
trusty
dne
xenial
dne
References
https://nvidia.custhelp.com/app/answers/detail/a_id/5031
https://usn.ubuntu.com/4404-1/
https://usn.ubuntu.com/4404-2/
https://nvidia.custhelp.com/app/answers/detail/a_id/5031
https://usn.ubuntu.com/4404-1/
https://usn.ubuntu.com/4404-2/