CVE-2024-0086

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-0086
NVIDIA vGPU software for Linux contains a vulnerability where the software can dereference a NULL pointer. A successful exploit of this vulnerability might lead to denial of service and undefined behavior in the vGPU plugin.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://nvidia.custhelp.com/app/answers/detail/a_id/5551 Third Party Advisory
https://nvidia.custhelp.com/app/answers/detail/a_id/5551 Third Party Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
OR cpe:2.3:o:canonical:ubuntu_linux:-:*:*:*:*:*:*:*
cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*
cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*
OR cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*
cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*
History

21 Nov 2024, 08:45

Type Values Removed Values Added
References () https://nvidia.custhelp.com/app/answers/detail/a_id/5551 - Third Party Advisory () https://nvidia.custhelp.com/app/answers/detail/a_id/5551 - Third Party Advisory

15 Aug 2024, 22:05

Type Values Removed Values Added
First Time Redhat enterprise Linux Kernel-based Virtual Machine
Citrix
Redhat
Canonical ubuntu Linux
Vmware
Canonical
Citrix hypervisor
Nvidia cloud Gaming
Nvidia virtual Gpu
Nvidia
Vmware vsphere
CPE cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*
cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:-:*:*:*:*:*:*:*
cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*
References () https://nvidia.custhelp.com/app/answers/detail/a_id/5551 - () https://nvidia.custhelp.com/app/answers/detail/a_id/5551 - Third Party Advisory

17 Jun 2024, 12:43

Type Values Removed Values Added
Summary
  • (es) El software NVIDIA vGPU para Linux contiene una vulnerabilidad en la que el software puede eliminar la referencia a un puntero NULL. Una explotación exitosa de esta vulnerabilidad podría provocar una denegación de servicio y un comportamiento indefinido en el complemento vGPU.

13 Jun 2024, 22:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-06-13 22:15

Updated : 2024-11-21 08:45

NVD link : CVE-2024-0086

Mitre link : CVE-2024-0086

CVE.ORG link : CVE-2024-0086

JSON object : View

Products Affected

redhat

  • enterprise_linux_kernel-based_virtual_machine

vmware

  • vsphere

citrix

  • hypervisor

canonical

  • ubuntu_linux

nvidia

  • cloud_gaming
  • virtual_gpu
CWE
CWE-476

NULL Pointer Dereference