CVE-2024-0099

Summary

NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could cause buffer overrun in the host. A successful exploit of this vulnerability might lead to information disclosure, data tampering, escalation of privileges, and denial of service.

Affected Software

VendorProductVersion RangeStatus
nvidiavGPU software and Cloud GamingAll versions up to and including 17.1, 16.5, 13.10, and the April 2024 releaseaffected

Weaknesses

  • CWE-120: CWE-120

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References