NVIDIA GPU Display Driver Vulnerability for Windows and Linux
CVE-2024-0147

5.5MEDIUM

Key Information:

Vendor: Nvidia
Status: Nvidia Gpu Display Driver, Vgpu Software
Vendor: CVE Published:; 28 January 2025

Summary

A vulnerability exists in NVIDIA's GPU display driver for both Windows and Linux, which involves referencing memory after it has been freed. This flaw poses risks of denial of service, potentially impacting system stability, and data tampering, where an attacker could alter sensitive information or system operations. It is crucial for users to ensure they are running the latest version of the driver to mitigate associated risks.

Affected Version(s)

NVIDIA GPU Display Driver, vGPU software R535, R550, R560, R565

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5614

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 28, 2025
Vulnerability Reserved
Dec 2, 2023