7.8

CVE-2024-0107

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

Data is provided by the National Vulnerability Database (NVD)
NvidiaGpu Display Driver SwPlatformwindows Version >= 470 < 475.14
   NvidiaGeforce Version-
NvidiaGpu Display Driver SwPlatformwindows Version >= 555 < 556.12
   NvidiaGeforce Version-
NvidiaGpu Display Driver SwPlatformwindows Version >= 470 < 475.14
   NvidiaQuadro Version-
   NvidiaRtx Version-
   NvidiaTesla Version-
NvidiaGpu Display Driver SwPlatformwindows Version >= 535 < 538.78
   NvidiaQuadro Version-
   NvidiaRtx Version-
   NvidiaTesla Version-
NvidiaGpu Display Driver SwPlatformwindows Version >= 550 < 552.74
   NvidiaQuadro Version-
   NvidiaRtx Version-
   NvidiaTesla Version-
NvidiaVirtual Gpu Version < 13.12
   MicrosoftWindows Version-
NvidiaVirtual Gpu Version >= 14.0 < 16.7
   MicrosoftWindows Version-
NvidiaVirtual Gpu Version >= 17.0 < 17.3
   MicrosoftWindows Version-
NvidiaCloud Gaming Version-
   MicrosoftWindows Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.16% 0.37
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
psirt@nvidia.com 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.