CVE-2024-0146

Published Jan 28, 2025

Last updated a month ago

CVSS high 7.8

Overview

Description
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering.
Source
psirt@nvidia.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

psirt@nvidia.com
CWE-120

Social media

Hype score
Not currently trending

  1. https://t.co/4vnAO0fEkP ⚠️ NVIDIA Releases Urgent GPU Driver Patches! 🔒 Fixes 8 flaws, including critical: CVE-2024-0150: Buffer overflow risks system compromise. CVE-2024-0146: Memory corruption in vGPU Manager. 💡 Update to 553.62 (Windows) or 550.144.03 (Linux) now!… http

    @GameGPU_com

    20 Jan 2025

    61 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

References