CVE-2024-0086

CWE-476 — NULL Pointer Dereference3 documents3 sources

Severity

5.5MEDIUM

EPSS

0.1%

top 81.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia Cloud Gaming Nvidia Virtual GPU Nvidia Vgpu Software AND Cloud Gaming

Timeline

PublishedJun 13

Latest updateJun 14

Description

NVIDIA vGPU software for Linux contains a vulnerability where the software can dereference a NULL pointer. A successful exploit of this vulnerability might lead to denial of service and undefined behavior in the vGPU plugin.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

▶CVEListV5nvidia/vgpu_software_and_cloud_gamingAll versions up to and including 17.1, 16.5, 13.10, and the April 2024 release

▶NVDnvidia/virtual_gpu14.0 — 16.6+2

▶NVDnvidia/cloud_gaming< 555.52.04

🔴Vulnerability Details

GHSA

GHSA-5fp7-q8w5-mmwf: NVIDIA vGPU software for Linux contains a vulnerability where the software can dereference a NULL pointer↗2024-06-14

▶

CVEList

CVE↗2024-06-13

▶