CVE-2024-0085

CWE-2663 documents3 sources

Severity

7.8HIGH

EPSS

0.1%

top 72.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia Cloud Gaming Nvidia Virtual GPU Nvidia Vgpu Software AND Cloud Gaming

Timeline

PublishedJun 13

Latest updateJun 14

Description

NVIDIA vGPU software for Windows and Linux contains a vulnerability where unprivileged users could execute privileged operations on the host. A successful exploit of this vulnerability might lead to data tampering, escalation of privileges, and denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:HExploitability: 1.0 | Impact: 5.2

Affected Packages3 packages

▶CVEListV5nvidia/vgpu_software_and_cloud_gamingAll versions up to and including 17.1, 16.5, 13.10, and the April 2024 release

▶NVDnvidia/virtual_gpu14.0 — 16.6+3

▶NVDnvidia/cloud_gaming< 555.52.04

🔴Vulnerability Details

GHSA

GHSA-76q6-r982-4fxq: NVIDIA vGPU software for Windows and Linux contains a vulnerability where unprivileged users could execute privileged operations on the host↗2024-06-14

▶

CVEList

CVE↗2024-06-13

▶