Lucene search

K
cvelistNvidiaCVELIST:CVE-2024-0071
HistoryMar 27, 2024 - 9:52 p.m.

CVE-2024-0071 CVE

2024-03-2721:52:24
CWE-125
nvidia
www.cve.org
2
nvidia
gpu
display driver
windows
vulnerability
out-of-bounds write
code execution
denial of service
escalation of privileges
information disclosure
data tampering

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0

Percentile

9.0%

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds write. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "GPU Display driver, vGPU driver, Cloud Gaming driver",
    "vendor": "nvidia",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to and including 16.3, 13.9, and all versions prior to and including the January 2024 release"
      }
    ]
  }
]

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0

Percentile

9.0%