DEBIAN-CVE-2020-5991

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2020-5991
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2020-5991.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2020-5991
Upstream
Published
2020-10-30T21:15:11.620Z
Modified
2025-11-20T10:14:49.747273Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerability in the NVJPEG library in which an out-of-bounds read or write operation may lead to code execution, denial of service, or information disclosure.

References

Affected packages

Debian:11 / nvidia-cuda-toolkit

Package

Name
nvidia-cuda-toolkit
Purl
pkg:deb/debian/nvidia-cuda-toolkit?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11.1.1-2

Affected versions

3.*
3.1-1
3.2.16-1
3.2.16-2
4.*
4.0.13-1
4.0.17-1
4.0.17-2
4.0.17-3
4.1.21-1
4.1.28-1
4.1.28-2
4.2.9-1~bpo60+1
4.2.9-1~bpo60+2
4.2.9-1
4.2.9-2
5.*
5.0.24-1
5.0.35-1
5.0.35-2
5.0.35-3
5.0.35-4
5.0.35-5
5.0.35-6
5.0.35-7
5.0.35-8~bpo70+1
5.0.35-8
5.5.22-1
5.5.22-2
5.5.22-3
5.5.22-4
5.5.22-5
5.5.22-6~bpo70+1
5.5.22-6~bpo70+2
5.5.22-6
6.*
6.0.37-1
6.0.37-2
6.0.37-3
6.0.37-4
6.0.37-5
6.5.14-1
6.5.14-2
6.5.19-1
6.5.19-2
6.5.19-3~bpo8+1
6.5.19-3
7.*
7.0.28-1
7.0.28-2
7.0.28-3
7.0.28-4
7.5.18-1
7.5.18-2
7.5.18-3
7.5.18-4~bpo8+1
7.5.18-4
8.*
8.0.44-1
8.0.44-2
8.0.44-3
8.0.44-4
8.0.61-1
8.0.61-2
8.0.61-3
9.*
9.0.176-1
9.0.176-2
9.1.85-1
9.1.85-2
9.1.85-3
9.1.85-4~bpo9+1
9.1.85-4
9.1.85-5
9.1.85-6
9.1.85-7~bpo9+1
9.1.85-7
9.1.85-8~bpo9+1
9.1.85-8
9.2.88-1
9.2.148-1
9.2.148-2
9.2.148-3
9.2.148-4
9.2.148-5
9.2.148-6
9.2.148-7
10.*
10.0.130-1
10.0.130-2
10.0.130-3
10.1.105-1
10.1.105-2
10.1.105-3
10.1.168-1
10.1.168-2
10.1.168-3
10.1.168-4
10.1.168-5
10.1.168-6
10.1.168-7~bpo10+1
10.1.168-7
10.1.168-8
10.1.168-9
10.1.168-10
10.1.168-11
10.1.243-1
10.1.243-2
10.1.243-3
10.1.243-4
10.1.243-5
10.1.243-6~bpo10+1
10.1.243-6
10.1.243-7
10.1.243-8
10.2.89-1
10.2.89-2
10.2.89-3
10.2.89-4
10.2.89-5~bpo10+1
10.2.89-5
11.*
11.0.2-1
11.0.3-1
11.0.3-2
11.0.3-3
11.1.0-1
11.1.1-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2020-5991.json"

Debian:12 / nvidia-cuda-toolkit

Package

Name
nvidia-cuda-toolkit
Purl
pkg:deb/debian/nvidia-cuda-toolkit?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11.1.1-2

Affected versions

3.*
3.1-1
3.2.16-1
3.2.16-2
4.*
4.0.13-1
4.0.17-1
4.0.17-2
4.0.17-3
4.1.21-1
4.1.28-1
4.1.28-2
4.2.9-1~bpo60+1
4.2.9-1~bpo60+2
4.2.9-1
4.2.9-2
5.*
5.0.24-1
5.0.35-1
5.0.35-2
5.0.35-3
5.0.35-4
5.0.35-5
5.0.35-6
5.0.35-7
5.0.35-8~bpo70+1
5.0.35-8
5.5.22-1
5.5.22-2
5.5.22-3
5.5.22-4
5.5.22-5
5.5.22-6~bpo70+1
5.5.22-6~bpo70+2
5.5.22-6
6.*
6.0.37-1
6.0.37-2
6.0.37-3
6.0.37-4
6.0.37-5
6.5.14-1
6.5.14-2
6.5.19-1
6.5.19-2
6.5.19-3~bpo8+1
6.5.19-3
7.*
7.0.28-1
7.0.28-2
7.0.28-3
7.0.28-4
7.5.18-1
7.5.18-2
7.5.18-3
7.5.18-4~bpo8+1
7.5.18-4
8.*
8.0.44-1
8.0.44-2
8.0.44-3
8.0.44-4
8.0.61-1
8.0.61-2
8.0.61-3
9.*
9.0.176-1
9.0.176-2
9.1.85-1
9.1.85-2
9.1.85-3
9.1.85-4~bpo9+1
9.1.85-4
9.1.85-5
9.1.85-6
9.1.85-7~bpo9+1
9.1.85-7
9.1.85-8~bpo9+1
9.1.85-8
9.2.88-1
9.2.148-1
9.2.148-2
9.2.148-3
9.2.148-4
9.2.148-5
9.2.148-6
9.2.148-7
10.*
10.0.130-1
10.0.130-2
10.0.130-3
10.1.105-1
10.1.105-2
10.1.105-3
10.1.168-1
10.1.168-2
10.1.168-3
10.1.168-4
10.1.168-5
10.1.168-6
10.1.168-7~bpo10+1
10.1.168-7
10.1.168-8
10.1.168-9
10.1.168-10
10.1.168-11
10.1.243-1
10.1.243-2
10.1.243-3
10.1.243-4
10.1.243-5
10.1.243-6~bpo10+1
10.1.243-6
10.1.243-7
10.1.243-8
10.2.89-1
10.2.89-2
10.2.89-3
10.2.89-4
10.2.89-5~bpo10+1
10.2.89-5
11.*
11.0.2-1
11.0.3-1
11.0.3-2
11.0.3-3
11.1.0-1
11.1.1-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2020-5991.json"

Debian:13 / nvidia-cuda-toolkit

Package

Name
nvidia-cuda-toolkit
Purl
pkg:deb/debian/nvidia-cuda-toolkit?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11.1.1-2

Affected versions

3.*
3.1-1
3.2.16-1
3.2.16-2
4.*
4.0.13-1
4.0.17-1
4.0.17-2
4.0.17-3
4.1.21-1
4.1.28-1
4.1.28-2
4.2.9-1~bpo60+1
4.2.9-1~bpo60+2
4.2.9-1
4.2.9-2
5.*
5.0.24-1
5.0.35-1
5.0.35-2
5.0.35-3
5.0.35-4
5.0.35-5
5.0.35-6
5.0.35-7
5.0.35-8~bpo70+1
5.0.35-8
5.5.22-1
5.5.22-2
5.5.22-3
5.5.22-4
5.5.22-5
5.5.22-6~bpo70+1
5.5.22-6~bpo70+2
5.5.22-6
6.*
6.0.37-1
6.0.37-2
6.0.37-3
6.0.37-4
6.0.37-5
6.5.14-1
6.5.14-2
6.5.19-1
6.5.19-2
6.5.19-3~bpo8+1
6.5.19-3
7.*
7.0.28-1
7.0.28-2
7.0.28-3
7.0.28-4
7.5.18-1
7.5.18-2
7.5.18-3
7.5.18-4~bpo8+1
7.5.18-4
8.*
8.0.44-1
8.0.44-2
8.0.44-3
8.0.44-4
8.0.61-1
8.0.61-2
8.0.61-3
9.*
9.0.176-1
9.0.176-2
9.1.85-1
9.1.85-2
9.1.85-3
9.1.85-4~bpo9+1
9.1.85-4
9.1.85-5
9.1.85-6
9.1.85-7~bpo9+1
9.1.85-7
9.1.85-8~bpo9+1
9.1.85-8
9.2.88-1
9.2.148-1
9.2.148-2
9.2.148-3
9.2.148-4
9.2.148-5
9.2.148-6
9.2.148-7
10.*
10.0.130-1
10.0.130-2
10.0.130-3
10.1.105-1
10.1.105-2
10.1.105-3
10.1.168-1
10.1.168-2
10.1.168-3
10.1.168-4
10.1.168-5
10.1.168-6
10.1.168-7~bpo10+1
10.1.168-7
10.1.168-8
10.1.168-9
10.1.168-10
10.1.168-11
10.1.243-1
10.1.243-2
10.1.243-3
10.1.243-4
10.1.243-5
10.1.243-6~bpo10+1
10.1.243-6
10.1.243-7
10.1.243-8
10.2.89-1
10.2.89-2
10.2.89-3
10.2.89-4
10.2.89-5~bpo10+1
10.2.89-5
11.*
11.0.2-1
11.0.3-1
11.0.3-2
11.0.3-3
11.1.0-1
11.1.1-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2020-5991.json"

Debian:14 / nvidia-cuda-toolkit

Package

Name
nvidia-cuda-toolkit
Purl
pkg:deb/debian/nvidia-cuda-toolkit?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11.1.1-2

Affected versions

3.*
3.1-1
3.2.16-1
3.2.16-2
4.*
4.0.13-1
4.0.17-1
4.0.17-2
4.0.17-3
4.1.21-1
4.1.28-1
4.1.28-2
4.2.9-1~bpo60+1
4.2.9-1~bpo60+2
4.2.9-1
4.2.9-2
5.*
5.0.24-1
5.0.35-1
5.0.35-2
5.0.35-3
5.0.35-4
5.0.35-5
5.0.35-6
5.0.35-7
5.0.35-8~bpo70+1
5.0.35-8
5.5.22-1
5.5.22-2
5.5.22-3
5.5.22-4
5.5.22-5
5.5.22-6~bpo70+1
5.5.22-6~bpo70+2
5.5.22-6
6.*
6.0.37-1
6.0.37-2
6.0.37-3
6.0.37-4
6.0.37-5
6.5.14-1
6.5.14-2
6.5.19-1
6.5.19-2
6.5.19-3~bpo8+1
6.5.19-3
7.*
7.0.28-1
7.0.28-2
7.0.28-3
7.0.28-4
7.5.18-1
7.5.18-2
7.5.18-3
7.5.18-4~bpo8+1
7.5.18-4
8.*
8.0.44-1
8.0.44-2
8.0.44-3
8.0.44-4
8.0.61-1
8.0.61-2
8.0.61-3
9.*
9.0.176-1
9.0.176-2
9.1.85-1
9.1.85-2
9.1.85-3
9.1.85-4~bpo9+1
9.1.85-4
9.1.85-5
9.1.85-6
9.1.85-7~bpo9+1
9.1.85-7
9.1.85-8~bpo9+1
9.1.85-8
9.2.88-1
9.2.148-1
9.2.148-2
9.2.148-3
9.2.148-4
9.2.148-5
9.2.148-6
9.2.148-7
10.*
10.0.130-1
10.0.130-2
10.0.130-3
10.1.105-1
10.1.105-2
10.1.105-3
10.1.168-1
10.1.168-2
10.1.168-3
10.1.168-4
10.1.168-5
10.1.168-6
10.1.168-7~bpo10+1
10.1.168-7
10.1.168-8
10.1.168-9
10.1.168-10
10.1.168-11
10.1.243-1
10.1.243-2
10.1.243-3
10.1.243-4
10.1.243-5
10.1.243-6~bpo10+1
10.1.243-6
10.1.243-7
10.1.243-8
10.2.89-1
10.2.89-2
10.2.89-3
10.2.89-4
10.2.89-5~bpo10+1
10.2.89-5
11.*
11.0.2-1
11.0.3-1
11.0.3-2
11.0.3-3
11.1.0-1
11.1.1-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2020-5991.json"