CVE-2020-5972
First published: Tue Jun 30 2020(Updated: )
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which local pointer variables are not initialized and may be freed later, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).
Credit: psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NVIDIA Virtual GPU Manager | >=8.0<=8.3 | |
| NVIDIA Virtual GPU Manager | >=9.0<=9.3 | |
| NVIDIA Virtual GPU Manager | >=10.0<=10.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2020-5972.
What software is affected by CVE-2020-5972?
NVIDIA Virtual GPU Manager versions 8.x (prior to 8.4), 9.x (prior to 9.4), and 10.x (prior to 10.2) are affected.
What is the severity of CVE-2020-5972?
The severity of CVE-2020-5972 is high with a CVSS score of 7.1.
How can CVE-2020-5972 be exploited?
CVE-2020-5972 can be exploited by tampering or causing a denial of service due to uninitialized local pointer variables in the vGPU plugin of NVIDIA Virtual GPU Manager.
Where can I find more information about CVE-2020-5972?
More information about CVE-2020-5972 can be found at this link: https://nvidia.custhelp.com/app/answers/detail/a_id/5031
- collector/nvd-index
- agent/severity
- agent/author
- agent/references
- agent/type
- agent/event
- agent/weakness
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/nvidia
- canonical/nvidia virtual gpu manager
- version/nvidia virtual gpu manager/8.0
- version/nvidia virtual gpu manager/8.3
- version/nvidia virtual gpu manager/9.0
- version/nvidia virtual gpu manager/9.3
- version/nvidia virtual gpu manager/10.0
- version/nvidia virtual gpu manager/10.2