Vulnerabilites related to NVIDIA - NVIDIA GPU Display Driver, vGPU software
cve-2024-0131
Vulnerability from cvelistv5
Published
2025-02-02 00:15
Modified
2025-02-03 17:03
Severity ?
EPSS score ?
Summary
NVIDIA GPU kernel driver for Windows and Linux contains a vulnerability where a potential user-mode attacker could read a buffer with an incorrect length. A successful exploit of this vulnerability might lead to denial of service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU Display Driver, vGPU software |
Version: R535, R550, R560, R565, R570 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-0131", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-03T17:03:53.483350Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-03T17:03:58.152Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", platforms: [ "Windows", "Linux", ], product: "NVIDIA GPU Display Driver, vGPU software", vendor: "NVIDIA", versions: [ { status: "affected", version: "R535, R550, R560, R565, R570", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">NVIDIA GPU kernel driver for Windows and Linux contains a vulnerability where a potential user-mode attacker could read a buffer with an incorrect length. A successful exploit of this vulnerability might lead to denial of service.</span>", }, ], value: "NVIDIA GPU kernel driver for Windows and Linux contains a vulnerability where a potential user-mode attacker could read a buffer with an incorrect length. A successful exploit of this vulnerability might lead to denial of service.", }, ], impacts: [ { descriptions: [ { lang: "en", value: "Denial of service", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-805", description: "CWE-805", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-02T00:15:26.255Z", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5614", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2024-0131", datePublished: "2025-02-02T00:15:26.255Z", dateReserved: "2023-12-02T00:42:42.036Z", dateUpdated: "2025-02-03T17:03:58.152Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-53869
Vulnerability from cvelistv5
Published
2025-01-28 04:07
Modified
2025-01-28 15:15
Severity ?
EPSS score ?
Summary
NVIDIA Unified Memory driver for Linux contains a vulnerability where an attacker could leak uninitialized memory. A successful exploit of this vulnerability might lead to information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU Display Driver, vGPU software |
Version: R535, R550 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-53869", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T15:14:53.575295Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-28T15:15:04.737Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "NVIDIA GPU Display Driver, vGPU software", vendor: "NVIDIA", versions: [ { status: "affected", version: "R535, R550", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "NVIDIA Unified Memory driver for Linux contains a vulnerability where an attacker could leak uninitialized memory. A successful exploit of this vulnerability might lead to information disclosure.", }, ], value: "NVIDIA Unified Memory driver for Linux contains a vulnerability where an attacker could leak uninitialized memory. A successful exploit of this vulnerability might lead to information disclosure.", }, ], impacts: [ { descriptions: [ { lang: "en", value: "Information disclosure", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-459", description: "CWE-459 Incomplete Cleanup", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T04:07:47.554Z", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5614", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2024-53869", datePublished: "2025-01-28T04:07:47.554Z", dateReserved: "2024-11-22T23:18:57.225Z", dateUpdated: "2025-01-28T15:15:04.737Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-0147
Vulnerability from cvelistv5
Published
2025-01-28 03:27
Modified
2025-01-28 15:20
Severity ?
EPSS score ?
Summary
NVIDIA GPU display driver for Windows and Linux contains a vulnerability where referencing memory after it has been freed can lead to denial of service or data tampering.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU Display Driver, vGPU software |
Version: R535, R550, R560, R565 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-0147", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T15:20:30.463336Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-28T15:20:41.498Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "NVIDIA GPU Display Driver, vGPU software", vendor: "NVIDIA", versions: [ { status: "affected", version: "R535, R550, R560, R565", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "NVIDIA GPU display driver for Windows and Linux contains a vulnerability where referencing memory after it has been freed can lead to denial of service or data tampering.", }, ], value: "NVIDIA GPU display driver for Windows and Linux contains a vulnerability where referencing memory after it has been freed can lead to denial of service or data tampering.", }, ], impacts: [ { descriptions: [ { lang: "en", value: "Denial of service, data tampering", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T03:27:50.092Z", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5614", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2024-0147", datePublished: "2025-01-28T03:27:50.092Z", dateReserved: "2023-12-02T00:42:58.259Z", dateUpdated: "2025-01-28T15:20:41.498Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-0149
Vulnerability from cvelistv5
Published
2025-01-28 04:04
Modified
2025-03-27 20:03
Severity ?
EPSS score ?
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker unauthorized access to files. A successful exploit of this vulnerability might lead to limited information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU Display Driver, vGPU software |
Version: R535, R550 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-0149", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T15:15:48.771372Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-28T15:15:52.683Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2025-03-27T20:03:01.774Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "http://www.openwall.com/lists/oss-security/2025/03/27/7", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "NVIDIA GPU Display Driver, vGPU software", vendor: "NVIDIA", versions: [ { status: "affected", version: "R535, R550", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker unauthorized access to files. A successful exploit of this vulnerability might lead to limited information disclosure.</span>", }, ], value: "NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker unauthorized access to files. A successful exploit of this vulnerability might lead to limited information disclosure.", }, ], impacts: [ { descriptions: [ { lang: "en", value: "Information disclosure", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T04:04:19.542Z", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5614", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2024-0149", datePublished: "2025-01-28T04:04:19.542Z", dateReserved: "2023-12-02T00:43:00.230Z", dateUpdated: "2025-03-27T20:03:01.774Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-0150
Vulnerability from cvelistv5
Published
2025-01-28 03:26
Modified
2025-01-28 15:21
Severity ?
EPSS score ?
Summary
NVIDIA GPU display driver for Windows and Linux contains a vulnerability where data is written past the end or before the beginning of a buffer. A successful exploit of this vulnerability might lead to information disclosure, denial of service, or data tampering.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU Display Driver, vGPU software |
Version: R535, R550, R560, R565 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-0150", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T15:21:14.178626Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-28T15:21:22.520Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "NVIDIA GPU Display Driver, vGPU software", vendor: "NVIDIA", versions: [ { status: "affected", version: "R535, R550, R560, R565", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "NVIDIA GPU display driver for Windows and Linux contains a vulnerability where data is written past the end or before the beginning of a buffer. A successful exploit of this vulnerability might lead to information disclosure, denial of service, or data tampering.", }, ], value: "NVIDIA GPU display driver for Windows and Linux contains a vulnerability where data is written past the end or before the beginning of a buffer. A successful exploit of this vulnerability might lead to information disclosure, denial of service, or data tampering.", }, ], impacts: [ { descriptions: [ { lang: "en", value: "Information disclosure, denial of service, and data tampering", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T03:26:55.489Z", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5614", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2024-0150", datePublished: "2025-01-28T03:26:55.489Z", dateReserved: "2023-12-02T00:43:01.107Z", dateUpdated: "2025-01-28T15:21:22.520Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }