CVE-2020-5967

Publication date 24 June 2020

Last updated 24 July 2024


Ubuntu priority

Cvss 3 Severity Score

4.7 · Medium

Score breakdown

NVIDIA Linux GPU Display Driver, all versions, contains a vulnerability in the UVM driver, in which a race condition may lead to a denial of service.

From the Ubuntu Security Team

It was discovered that the UVM driver in the NVIDIA graphics driver contained a race condition. A local attacker could use this to cause a denial of service.

Status

Package Ubuntu Release Status
nvidia-graphics-drivers-390 20.04 LTS focal
Fixed 390.138-0ubuntu0.20.04.1
19.10 eoan
Fixed 390.138-0ubuntu0.19.10.1
18.04 LTS bionic
Fixed 390.138-0ubuntu0.18.04.1
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
nvidia-graphics-drivers-440 20.04 LTS focal
Fixed 440.100-0ubuntu0.20.04.1
19.10 eoan
Fixed 440.100-0ubuntu0.19.10.1
18.04 LTS bionic
Fixed 440.100-0ubuntu0.18.04.1
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release

Severity score breakdown

Parameter Value
Base score 4.7 · Medium
Attack vector Local
Attack complexity High
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality None
Integrity impact None
Availability impact High
Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

References

Related Ubuntu Security Notices (USN)

    • USN-4404-2
    • Linux kernel vulnerabilities
    • 25 June 2020
    • USN-4404-1
    • NVIDIA graphics drivers vulnerabilities
    • 25 June 2020

Other references