CVE-2024-0091

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-0091
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering.

7.8 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://nvidia.custhelp.com/app/answers/detail/a_id/5551 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
OR cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*
OR cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
OR cpe:2.3:o:canonical:ubuntu_linux:-:*:*:*:*:*:*:*
cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*
cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*
OR cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*
cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:azure_stack_hci:-:*:*:*:*:*:*:*
History

15 Aug 2024, 22:20

Type Values Removed Values Added
CWE NVD-CWE-Other
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.8
References () https://nvidia.custhelp.com/app/answers/detail/a_id/5551 - () https://nvidia.custhelp.com/app/answers/detail/a_id/5551 - Vendor Advisory
CPE cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*
cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*
cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:azure_stack_hci:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*
cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:-:*:*:*:*:*:*:*
First Time Vmware vsphere
Microsoft azure Stack Hci
Canonical
Citrix
Microsoft windows
Redhat
Nvidia rtx
Nvidia geforce
Nvidia nvs
Nvidia gpu Display Driver
Redhat enterprise Linux Kernel-based Virtual Machine
Linux linux Kernel
Nvidia virtual Gpu
Nvidia studio
Nvidia cloud Gaming
Linux
Nvidia
Nvidia quadro
Canonical ubuntu Linux
Nvidia tesla
Microsoft
Citrix hypervisor
Vmware

13 Jun 2024, 22:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-06-13 22:15

Updated : 2024-08-15 22:20

NVD link : CVE-2024-0091

Mitre link : CVE-2024-0091

JSON object : View

Products Affected

nvidia

  • geforce
  • nvs
  • virtual_gpu
  • quadro
  • cloud_gaming
  • gpu_display_driver
  • studio
  • rtx
  • tesla

citrix

  • hypervisor

redhat

  • enterprise_linux_kernel-based_virtual_machine

vmware

  • vsphere

canonical

  • ubuntu_linux

microsoft

  • azure_stack_hci
  • windows

linux

  • linux_kernel
CWE
NVD-CWE-Other