Vulnerabilities > CVE-2020-5972 - Release of Invalid Pointer or Reference vulnerability in Nvidia Virtual GPU Manager

047910
CVSS 7.1 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
nvidia
CWE-763

Summary

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which local pointer variables are not initialized and may be freed later, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).

Common Weakness Enumeration (CWE)