NVIDIA GPU Display Driver for Linux Vulnerability Could Lead to Denial of Service and Data Tampering
CVE-2024-0074

7.1HIGH

Key Information:

Vendor: Nvidia
Status: Gpu Display Driver, Vgpu Driver, Cloud Gaming Driver
Vendor: CVE Published:; 27 March 2024

What is CVE-2024-0074?

The NVIDIA GPU Display Driver for Linux has been identified with a serious vulnerability that could allow an attacker to access memory locations beyond the intended buffer. This issue has potential ramifications for system stability and security, leading to instances of denial of service and data manipulation. It is crucial for users and administrators to apply the appropriate patches to mitigate these risks and secure their systems against potential exploits targeting this vulnerability.

Affected Version(s)

GPU Display driver, vGPU driver, Cloud Gaming driver All versions prior to and including 16.3, 13.9, and all versions prior to and including the January 2024 release

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5520

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 27, 2024
Vulnerability Reserved
Dec 2, 2023

Nvidia

What is CVE-2024-0074?

Affected Version(s)

References

CVSS V3.1

Timeline