CVE-2024-0107

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
References
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
OR cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:a:nvidia:cloud_gaming:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

17 Sep 2024, 12:10

Type Values Removed Values Added
CPE cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:cloud_gaming:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*
cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*
Summary
  • (es) NVIDIA GPU Display Driver para Windows contiene una vulnerabilidad en la capa de modo de usuario, donde un usuario normal sin privilegios puede provocar una lectura fuera de los límites. Una explotación exitosa de esta vulnerabilidad podría provocar la ejecución de código, denegación de servicio, escalada de privilegios, divulgación de información y manipulación de datos.
References () https://nvidia.custhelp.com/app/answers/detail/a_id/5557 - () https://nvidia.custhelp.com/app/answers/detail/a_id/5557 - Vendor Advisory
First Time Nvidia
Nvidia tesla
Nvidia quadro
Nvidia gpu Display Driver
Nvidia geforce
Nvidia cloud Gaming
Microsoft
Nvidia rtx
Nvidia virtual Gpu
Microsoft windows

08 Aug 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-08 17:15

Updated : 2024-09-17 12:10


NVD link : CVE-2024-0107

Mitre link : CVE-2024-0107

CVE.ORG link : CVE-2024-0107


JSON object : View

Products Affected

nvidia

  • rtx
  • virtual_gpu
  • gpu_display_driver
  • geforce
  • quadro
  • tesla
  • cloud_gaming

microsoft

  • windows
CWE
CWE-125

Out-of-bounds Read