NVIDIA GPU Display Driver Vulnerability Could Lead to Privilege Escalation
CVE-2024-0126

8.2HIGH

Key Information:

Vendor: Nvidia
Status: Gpu, Vgpu, And Cloud Gaming
Vendor: CVE Published:; 26 October 2024

Summary

The NVIDIA GPU Display Driver for both Windows and Linux is subject to a vulnerability that allows an attacker with privileged access to escalate permissions. This exploit could lead to severe consequences such as unauthorized code execution, potential denial of service, escalation of user privileges, and the risk of sensitive data exposure and tampering. Affected users should take immediate precautions to mitigate risk.

Affected Version(s)

GPU, vGPU, and Cloud Gaming All versions prior to 17.4, 16.8, and the October 2024 release

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5586

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Oct 26, 2024
Vulnerability Reserved
Dec 2, 2023