CVE-2024-0091

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
OR cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*
OR cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
OR cpe:2.3:o:canonical:ubuntu_linux:-:*:*:*:*:*:*:*
cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*
cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*
OR cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*
cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:azure_stack_hci:-:*:*:*:*:*:*:*

History

21 Nov 2024, 08:45

Type Values Removed Values Added
References () https://nvidia.custhelp.com/app/answers/detail/a_id/5551 - Vendor Advisory () https://nvidia.custhelp.com/app/answers/detail/a_id/5551 - Vendor Advisory

15 Aug 2024, 22:20

Type Values Removed Values Added
References () https://nvidia.custhelp.com/app/answers/detail/a_id/5551 - () https://nvidia.custhelp.com/app/answers/detail/a_id/5551 - Vendor Advisory
CPE cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*
cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*
cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:azure_stack_hci:-:*:*:*:*:*:*:*
cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*
First Time Nvidia nvs
Redhat
Canonical ubuntu Linux
Microsoft
Vmware
Citrix hypervisor
Nvidia virtual Gpu
Vmware vsphere
Microsoft azure Stack Hci
Nvidia gpu Display Driver
Redhat enterprise Linux Kernel-based Virtual Machine
Citrix
Nvidia rtx
Canonical
Nvidia tesla
Linux
Nvidia cloud Gaming
Linux linux Kernel
Nvidia studio
Nvidia geforce
Nvidia
Microsoft windows
Nvidia quadro
CWE NVD-CWE-Other

17 Jun 2024, 12:43

Type Values Removed Values Added
Summary
  • (es) El controlador de pantalla GPU NVIDIA para Windows y Linux contiene una vulnerabilidad en la que un usuario puede provocar una desreferencia de un puntero que no es de confianza ejecutando una API del controlador. Una explotación exitosa de esta vulnerabilidad podría provocar denegación de servicio, divulgación de información y manipulación de datos.

13 Jun 2024, 22:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-13 22:15

Updated : 2024-11-21 08:45


NVD link : CVE-2024-0091

Mitre link : CVE-2024-0091

CVE.ORG link : CVE-2024-0091


JSON object : View

Products Affected

canonical

  • ubuntu_linux

citrix

  • hypervisor

vmware

  • vsphere

linux

  • linux_kernel

nvidia

  • rtx
  • virtual_gpu
  • nvs
  • gpu_display_driver
  • geforce
  • studio
  • quadro
  • tesla
  • cloud_gaming

microsoft

  • windows
  • azure_stack_hci

redhat

  • enterprise_linux_kernel-based_virtual_machine
CWE
CWE-822

Untrusted Pointer Dereference

NVD-CWE-Other