CVE-2024-0090

NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
OR cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*
OR cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
OR cpe:2.3:o:canonical:ubuntu_linux:-:*:*:*:*:*:*:*
cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*
cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*
OR cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*
cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:azure_stack_hci:-:*:*:*:*:*:*:*

History

21 Nov 2024, 08:45

Type Values Removed Values Added
References () https://nvidia.custhelp.com/app/answers/detail/a_id/5551 - Vendor Advisory () https://nvidia.custhelp.com/app/answers/detail/a_id/5551 - Vendor Advisory

15 Aug 2024, 22:17

Type Values Removed Values Added
CPE cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*
cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:azure_stack_hci:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*
cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*
References () https://nvidia.custhelp.com/app/answers/detail/a_id/5551 - () https://nvidia.custhelp.com/app/answers/detail/a_id/5551 - Vendor Advisory
First Time Nvidia
Microsoft
Nvidia rtx
Nvidia cloud Gaming
Vmware vsphere
Nvidia nvs
Nvidia gpu Display Driver
Canonical
Redhat enterprise Linux Kernel-based Virtual Machine
Microsoft windows
Citrix
Canonical ubuntu Linux
Linux linux Kernel
Nvidia studio
Citrix hypervisor
Linux
Vmware
Nvidia virtual Gpu
Microsoft azure Stack Hci
Nvidia geforce
Nvidia quadro
Redhat
Nvidia tesla

17 Jun 2024, 12:43

Type Values Removed Values Added
Summary
  • (es) El controlador de GPU NVIDIA para Windows y Linux contiene una vulnerabilidad en la que un usuario puede provocar una escritura fuera de los límites. Una explotación exitosa de esta vulnerabilidad podría provocar la ejecución de código, denegación de servicio, escalada de privilegios, divulgación de información y manipulación de datos.

13 Jun 2024, 22:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-13 22:15

Updated : 2024-11-21 08:45


NVD link : CVE-2024-0090

Mitre link : CVE-2024-0090

CVE.ORG link : CVE-2024-0090


JSON object : View

Products Affected

citrix

  • hypervisor

nvidia

  • quadro
  • tesla
  • rtx
  • geforce
  • nvs
  • studio
  • virtual_gpu
  • gpu_display_driver
  • cloud_gaming

vmware

  • vsphere

microsoft

  • azure_stack_hci
  • windows

canonical

  • ubuntu_linux

linux

  • linux_kernel

redhat

  • enterprise_linux_kernel-based_virtual_machine
CWE
CWE-787

Out-of-bounds Write