CVE-2020-5973

NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which there is the potential to execute privileged operations, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
nvidiaCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 18%
VendorProductVersion
nvidiavirtual_gpu
8.0 ≤
𝑥
≤ 8.3
nvidiavirtual_gpu
9.0 ≤
𝑥
≤ 9.3
nvidiavirtual_gpu
10.0 ≤
𝑥
≤ 10.2
canonicalubuntu_linux
18.04
canonicalubuntu_linux
19.10
canonicalubuntu_linux
20.04
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
nvidia-graphics-drivers-390
focal
Fixed 390.138-0ubuntu0.20.04.1
released
eoan
Fixed 390.138-0ubuntu0.19.10.1
released
bionic
Fixed 390.138-0ubuntu0.18.04.1
released
xenial
dne
trusty
dne
nvidia-graphics-drivers-440
focal
Fixed 440.100-0ubuntu0.20.04.1
released
eoan
Fixed 440.100-0ubuntu0.19.10.1
released
bionic
Fixed 440.100-0ubuntu0.18.04.1
released
xenial
dne
trusty
dne
References
https://nvidia.custhelp.com/app/answers/detail/a_id/5031
https://usn.ubuntu.com/4404-1/
https://usn.ubuntu.com/4404-2/
https://nvidia.custhelp.com/app/answers/detail/a_id/5031
https://usn.ubuntu.com/4404-1/
https://usn.ubuntu.com/4404-2/