CVE-2020-5987

Name of the Vulnerable Software and Affected Versions NVIDIA Virtual GPU Manager versions 8.x through 8.4 NVIDIA Virtual GPU Manager versions 10.x through 10.3 NVIDIA Virtual GPU Manager version 11.0

Description The issue arises from a vulnerability in the vGPU plugin where guest-supplied parameters remain writable by the guest after validation. This may allow the guest to pass invalid parameters to plugin handlers, potentially leading to denial of service or escalation of privileges.

Recommendations For NVIDIA Virtual GPU Manager versions 8.x through 8.4, update to version 8.5 or later. For NVIDIA Virtual GPU Manager versions 10.x through 10.3, update to version 10.4 or later. For NVIDIA Virtual GPU Manager version 11.0, update to a version later than 11.0.