CVE-2020-5972

HIGH

NVIDIA Virtual GPU Manager - Memory Corruption

Title source: llm

Description

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which local pointer variables are not initialized and may be freed later, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).

References (1)

[Vendor Advisory] https://nvidia.custhelp.com/app/answers/detail/a_id/5031

Scores

CVSS v3 7.1

EPSS 0.0005

EPSS Percentile 15.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Details

CWE

CWE-763

Status published

Products (1)

nvidia/virtual_gpu_manager 8.0 - 8.3

Published Jun 30, 2020

Tracked Since Feb 18, 2026