CVE-2020-5984

CWE-416Use After Free3 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 73.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nvidia Virtual GPU ManagerNvidia Nvidia Vgpu Software
Timeline
PublishedOct 2
Latest updateMay 24

Description

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerability while freeing some resources, which may lead to denial of service, code execution, and information disclosure. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDnvidia/virtual_gpu_manager8.08.5+2
CVEListV5nvidia/nvidia_vgpu_softwarevGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0

🔴Vulnerability Details

2
GHSA
GHSA-h29p-vgfp-4fcp: NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerability while freeing some resour2022-05-24
CVEList
CVE-2020-5984: NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerability while freeing some resour2020-10-02
CVE-2020-5984 (HIGH CVSS 7.8) | NVIDIA Virtual GPU Manager contains | cvebase.io