CVE-2024-0099

EPSS 0.07%
Veröffentlicht 13.06.2024 22:15:13
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle psirt@nvidia.com
CVE-Watchlists
Login
Unerledigt
Login

CVE

NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could cause buffer overrun in the host. A successful exploit of this vulnerability might lead to information disclosure, data tampering, escalation of privileges, and denial of service.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

CNA 5 VulnDex Vulnerability Enrichment 6

Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)

Herstellernvidia

≫

Produkt geforce

Default Statusunknown

Version 0

Version < 555.52.04

Status affected

Version 0

Version < 550.90.07

Status affected

Version 0

Version < 535.183.01

Status affected

Version 0

Version < 470.256.02

Status affected

Herstellernvidia

≫

Produkt tesla

Default Statusunknown

Version 0

Version < 550.90.07

Status affected

Version 0

Version < 535.183.01

Status affected

Version 0

Version < 470.256.02

Status affected

Herstellernvidia

≫

Produkt quadro

Default Statusunknown

Version 0

Version < 555.52.04

Status affected

Version 0

Version < 550.90.07

Status affected

Version 0

Version < 535.183.01

Status affected

Version 0

Version < 470.256.02

Status affected

Herstellernvidia

≫

Produkt rtx

Default Statusunknown

Version 0

Version < 555.52.04

Status affected

Version 0

Version < 550.90.07

Status affected

Version 0

Version < 535.183.01

Status affected

Version 0

Version < 470.256.02

Status affected

Herstellernvidia

≫

Produkt nvs

Default Statusunknown

Version 0

Version < 555.52.04

Status affected

Version 0

Version < 550.90.07

Status affected

Version 0

Version < 535.183.01

Status affected

Version 0

Version < 470.256.02

Status affected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.219

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
psirt@nvidia.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

https://nvidia.custhelp.com/app/answers/detail/a_id/5551

https://nvd.nist.gov/vuln/detail/CVE-2024-0099

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-0099

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-0099

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-0099