CVE-2024-0085

NVIDIA vGPU software for Windows and Linux contains a vulnerability where unprivileged users could execute privileged operations on the host. A successful exploit of this vulnerability might lead to data tampering, escalation of privileges, and denial of service.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
OR cpe:2.3:a:vmware:vsphere:-:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:-:*:*:*:*:*:*:*
cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*
OR cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*
cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:azure_stack_hci:-:*:*:*:*:*:*:*

History

21 Nov 2024, 08:45

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.8
v2 : unknown
v3 : 6.3
References () https://nvidia.custhelp.com/app/answers/detail/a_id/5551 - Vendor Advisory () https://nvidia.custhelp.com/app/answers/detail/a_id/5551 - Vendor Advisory

15 Aug 2024, 22:03

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 6.3
v2 : unknown
v3 : 7.8
References () https://nvidia.custhelp.com/app/answers/detail/a_id/5551 - () https://nvidia.custhelp.com/app/answers/detail/a_id/5551 - Vendor Advisory
CWE NVD-CWE-Other
CPE cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*
cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:azure_stack_hci:-:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vsphere:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*
cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*
First Time Microsoft
Citrix
Canonical ubuntu Linux
Nvidia virtual Gpu
Canonical
Nvidia
Redhat
Citrix hypervisor
Vmware vsphere
Microsoft azure Stack Hci
Redhat enterprise Linux Kernel-based Virtual Machine
Vmware
Nvidia cloud Gaming

17 Jun 2024, 12:43

Type Values Removed Values Added
Summary
  • (es) El software NVIDIA vGPU para Windows y Linux contiene una vulnerabilidad por la que usuarios sin privilegios podrían ejecutar operaciones privilegiadas en el host. Una explotación exitosa de esta vulnerabilidad podría provocar manipulación de datos, escalada de privilegios y denegación de servicio.

13 Jun 2024, 22:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-13 22:15

Updated : 2024-11-21 08:45


NVD link : CVE-2024-0085

Mitre link : CVE-2024-0085

CVE.ORG link : CVE-2024-0085


JSON object : View

Products Affected

nvidia

  • cloud_gaming
  • virtual_gpu

citrix

  • hypervisor

vmware

  • vsphere

microsoft

  • azure_stack_hci

canonical

  • ubuntu_linux

redhat

  • enterprise_linux_kernel-based_virtual_machine
CWE
CWE-266

Incorrect Privilege Assignment

NVD-CWE-Other