Memory Corruption Vulnerability in NVIDIA Virtual GPU Manager
CVE-2024-0146

7.8HIGH

Key Information:

Vendor: Nvidia
Status: Nvidia Vgpu Software
Vendor: CVE Published:; 28 January 2025

Summary

NVIDIA vGPU software features a vulnerability in the Virtual GPU Manager that can be exploited by a malicious guest. This security flaw enables potential attackers to corrupt memory, possibly leading to unauthorized code execution, denial of service attacks, information disclosure, or alteration of data. It is crucial for users and system administrators relying on NVIDIA's virtual GPU technology to stay informed about this vulnerability and apply necessary mitigations.

Affected Version(s)

NVIDIA vGPU software R530, R535

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5614

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 28, 2025
Vulnerability Reserved
Dec 2, 2023