Memory Corruption Vulnerability in NVIDIA Virtual GPU Manager
CVE-2024-0146

7.8HIGH

Key Information:

Vendor

Nvidia
Status
Nvidia Vgpu Software
Vendor
CVE Published:
28 January 2025

What is CVE-2024-0146?

NVIDIA vGPU software features a vulnerability in the Virtual GPU Manager that can be exploited by a malicious guest. This security flaw enables potential attackers to corrupt memory, possibly leading to unauthorized code execution, denial of service attacks, information disclosure, or alteration of data. It is crucial for users and system administrators relying on NVIDIA's virtual GPU technology to stay informed about this vulnerability and apply necessary mitigations.

Affected Version(s)

NVIDIA vGPU software R530, R535

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5614

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.