CVE-2020-5973

EUVD-2020-27127
NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which there is the potential to execute privileged operations, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
Affected Products (NVD)
VendorProductVersion
nvidiavirtual_gpu
8.0 ≤
𝑥
≤ 8.3
nvidiavirtual_gpu
9.0 ≤
𝑥
≤ 9.3
nvidiavirtual_gpu
10.0 ≤
𝑥
≤ 10.2
canonicalubuntu_linux
18.04
canonicalubuntu_linux
19.10
canonicalubuntu_linux
20.04
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
nvidia-graphics-drivers-390
bionic
Fixed 390.138-0ubuntu0.18.04.1
released
eoan
Fixed 390.138-0ubuntu0.19.10.1
released
focal
Fixed 390.138-0ubuntu0.20.04.1
released
trusty
dne
xenial
dne
nvidia-graphics-drivers-440
bionic
Fixed 440.100-0ubuntu0.18.04.1
released
eoan
Fixed 440.100-0ubuntu0.19.10.1
released
focal
Fixed 440.100-0ubuntu0.20.04.1
released
trusty
dne
xenial
dne
References
https://nvidia.custhelp.com/app/answers/detail/a_id/5031
https://usn.ubuntu.com/4404-1/
https://usn.ubuntu.com/4404-2/
https://nvidia.custhelp.com/app/answers/detail/a_id/5031
https://usn.ubuntu.com/4404-1/
https://usn.ubuntu.com/4404-2/