Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-0146 (GCVE-0-2024-0146)
Vulnerability from cvelistv5 – Published: 2025-01-28 04:09 – Updated: 2025-01-28 15:14
VLAI
EPSS
Summary
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering.
Severity
7.8 (High)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | NVIDIA vGPU software |
Affected:
R530, R535
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0146",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T15:14:02.105388Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T15:14:22.830Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NVIDIA vGPU software",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "R530, R535"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering."
}
],
"value": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Code execution, denial of service, information disclosure, data tampering"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T04:09:24.737Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5614"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2024-0146",
"datePublished": "2025-01-28T04:09:24.737Z",
"dateReserved": "2023-12-02T00:42:57.162Z",
"dateUpdated": "2025-01-28T15:14:22.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-0146",
"date": "2026-05-29",
"epss": "0.00036",
"percentile": "0.11284"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-0146\",\"sourceIdentifier\":\"psirt@nvidia.com\",\"published\":\"2025-01-28T04:15:09.447\",\"lastModified\":\"2025-01-28T04:15:09.447\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering.\"},{\"lang\":\"es\",\"value\":\"El software NVIDIA vGPU contiene una vulnerabilidad en el Administrador de GPU virtual, donde un invitado malintencionado podr\u00eda provocar da\u00f1os en la memoria. Una explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo, la denegaci\u00f3n de servicio, la divulgaci\u00f3n de informaci\u00f3n o la manipulaci\u00f3n de datos.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@nvidia.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@nvidia.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"references\":[{\"url\":\"https://nvidia.custhelp.com/app/answers/detail/a_id/5614\",\"source\":\"psirt@nvidia.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-0146\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-28T15:14:02.105388Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-28T15:14:15.265Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"descriptions\": [{\"lang\": \"en\", \"value\": \"Code execution, denial of service, information disclosure, data tampering\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"NVIDIA\", \"product\": \"NVIDIA vGPU software\", \"versions\": [{\"status\": \"affected\", \"version\": \"R530, R535\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://nvidia.custhelp.com/app/answers/detail/a_id/5614\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-120\", \"description\": \"CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"9576f279-3576-44b5-a4af-b9a8644b2de6\", \"shortName\": \"nvidia\", \"dateUpdated\": \"2025-01-28T04:09:24.737Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-0146\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-28T15:14:22.830Z\", \"dateReserved\": \"2023-12-02T00:42:57.162Z\", \"assignerOrgId\": \"9576f279-3576-44b5-a4af-b9a8644b2de6\", \"datePublished\": \"2025-01-28T04:09:24.737Z\", \"assignerShortName\": \"nvidia\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Title
Уязвимость компонента NVIDIA Virtual GPU Manager драйвера виртуальных графических процессоров NVIDIA Virtual GPU, позволяющая нарушителю выполнить произвольный код, вызвать отказ в обслуживании или раскрыть защищаемую информацию
Description
Уязвимость компонента NVIDIA Virtual GPU Manager драйвера виртуальных графических процессоров NVIDIA Virtual GPU связана с копированием буфера без проверки размера входных данных. Эксплуатация уязвимости может позволить нарушителю выполнить произвольный код, вызвать отказ в обслуживании или раскрыть защищаемую информацию
Severity
Vendor
ООО «Ред Софт», NVIDIA Corp.
Software Name
РЕД ОС (запись в едином реестре российских программ №3751), vGPU
Software Version
7.3 (РЕД ОС), до 17.5 (vGPU), до 16.9 (vGPU)
Possible Mitigations
В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года.
Использование рекомендаций:
Для NVIDIA:
https://nvidia.custhelp.com/app/answers/detail/a_id/5614
Для
РедОС:
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
Reference
https://nvidia.custhelp.com/app/answers/detail/a_id/5614
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
CWE
CWE-120
{
"CVSS 2.0": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, NVIDIA Corp.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7.3 (\u0420\u0415\u0414 \u041e\u0421), \u0434\u043e 17.5 (vGPU), \u0434\u043e 16.9 (vGPU)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\n\u0414\u043b\u044f NVIDIA: \nhttps://nvidia.custhelp.com/app/answers/detail/a_id/5614\n\n\u0414\u043b\u044f \n\n\u0420\u0435\u0434\u041e\u0421: \n\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "16.01.2025",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "01.10.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "12.02.2025",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-01460",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-0146",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "\u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), vGPU",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 NVIDIA Virtual GPU Manager \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432 NVIDIA Virtual GPU, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0440\u0430\u0437\u043c\u0435\u0440\u0430 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (\u043a\u043b\u0430\u0441\u0441\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430) (CWE-120)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 NVIDIA Virtual GPU Manager \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432 NVIDIA Virtual GPU \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0440\u0430\u0437\u043c\u0435\u0440\u0430 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://nvidia.custhelp.com/app/answers/detail/a_id/5614\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-120",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)"
}
FKIE_CVE-2024-0146
Vulnerability from fkie_nvd - Published: 2025-01-28 04:15 - Updated: 2026-04-15 00:35
Severity
Summary
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering."
},
{
"lang": "es",
"value": "El software NVIDIA vGPU contiene una vulnerabilidad en el Administrador de GPU virtual, donde un invitado malintencionado podr\u00eda provocar da\u00f1os en la memoria. Una explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo, la denegaci\u00f3n de servicio, la divulgaci\u00f3n de informaci\u00f3n o la manipulaci\u00f3n de datos."
}
],
"id": "CVE-2024-0146",
"lastModified": "2026-04-15T00:35:42.020",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@nvidia.com",
"type": "Secondary"
}
]
},
"published": "2025-01-28T04:15:09.447",
"references": [
{
"source": "psirt@nvidia.com",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5614"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
}
]
}
GHSA-CXH2-WJ62-MCXH
Vulnerability from github – Published: 2025-01-28 06:30 – Updated: 2025-01-28 06:30
VLAI
Details
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering.
Severity
7.8 (High)
{
"affected": [],
"aliases": [
"CVE-2024-0146"
],
"database_specific": {
"cwe_ids": [
"CWE-120"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-28T04:15:09Z",
"severity": "HIGH"
},
"details": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering.",
"id": "GHSA-cxh2-wj62-mcxh",
"modified": "2025-01-28T06:30:40Z",
"published": "2025-01-28T06:30:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0146"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5614"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2024-0146
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2024-0146",
"id": "GSD-2024-0146"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-0146"
],
"id": "GSD-2024-0146",
"modified": "2023-12-13T01:21:42.581983Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2024-0146",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
}
}
WID-SEC-W-2025-0112
Vulnerability from csaf_certbund - Published: 2025-01-16 23:00 - Updated: 2025-05-27 22:00Summary
Nvidia Treiber: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: NVidia ist ein Hersteller von Grafikkarten.
Angriff: Ein lokaler Angreifer kann mehrere Schwachstellen in Nvidia Treiber ausnutzen, um beliebigen Programmcode auszuführen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren oder einen Denial-of-Service-Zustand zu erzeugen.
Betroffene Betriebssysteme: - UNIX
- Windows
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nvidia Treiber Linux <535.230.02
Nvidia / Treiber
|
Linux <535.230.02 | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Nvidia Treiber Linux <550.144.03
Nvidia / Treiber
|
Linux <550.144.03 | ||
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
Nvidia Treiber Windows <539.19
Nvidia / Treiber
|
Windows <539.19 | ||
|
Nvidia Treiber Windows <553.62
Nvidia / Treiber
|
Windows <553.62 | ||
|
Nvidia Treiber vGPU Software <16.9
Nvidia / Treiber
|
vGPU Software <16.9 | ||
|
Nvidia Treiber vGPU Software <17.5
Nvidia / Treiber
|
vGPU Software <17.5 |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nvidia Treiber Linux <535.230.02
Nvidia / Treiber
|
Linux <535.230.02 | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Nvidia Treiber Linux <550.144.03
Nvidia / Treiber
|
Linux <550.144.03 | ||
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
Nvidia Treiber Windows <539.19
Nvidia / Treiber
|
Windows <539.19 | ||
|
Nvidia Treiber Windows <553.62
Nvidia / Treiber
|
Windows <553.62 | ||
|
Nvidia Treiber vGPU Software <16.9
Nvidia / Treiber
|
vGPU Software <16.9 | ||
|
Nvidia Treiber vGPU Software <17.5
Nvidia / Treiber
|
vGPU Software <17.5 |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nvidia Treiber Linux <535.230.02
Nvidia / Treiber
|
Linux <535.230.02 | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Nvidia Treiber Linux <550.144.03
Nvidia / Treiber
|
Linux <550.144.03 | ||
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
Nvidia Treiber Windows <539.19
Nvidia / Treiber
|
Windows <539.19 | ||
|
Nvidia Treiber Windows <553.62
Nvidia / Treiber
|
Windows <553.62 | ||
|
Nvidia Treiber vGPU Software <16.9
Nvidia / Treiber
|
vGPU Software <16.9 | ||
|
Nvidia Treiber vGPU Software <17.5
Nvidia / Treiber
|
vGPU Software <17.5 |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nvidia Treiber Linux <535.230.02
Nvidia / Treiber
|
Linux <535.230.02 | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Nvidia Treiber Linux <550.144.03
Nvidia / Treiber
|
Linux <550.144.03 | ||
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
Nvidia Treiber Windows <539.19
Nvidia / Treiber
|
Windows <539.19 | ||
|
Nvidia Treiber Windows <553.62
Nvidia / Treiber
|
Windows <553.62 | ||
|
Nvidia Treiber vGPU Software <16.9
Nvidia / Treiber
|
vGPU Software <16.9 | ||
|
Nvidia Treiber vGPU Software <17.5
Nvidia / Treiber
|
vGPU Software <17.5 |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nvidia Treiber Linux <535.230.02
Nvidia / Treiber
|
Linux <535.230.02 | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Nvidia Treiber Linux <550.144.03
Nvidia / Treiber
|
Linux <550.144.03 | ||
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
Nvidia Treiber Windows <539.19
Nvidia / Treiber
|
Windows <539.19 | ||
|
Nvidia Treiber Windows <553.62
Nvidia / Treiber
|
Windows <553.62 | ||
|
Nvidia Treiber vGPU Software <16.9
Nvidia / Treiber
|
vGPU Software <16.9 | ||
|
Nvidia Treiber vGPU Software <17.5
Nvidia / Treiber
|
vGPU Software <17.5 |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nvidia Treiber Linux <535.230.02
Nvidia / Treiber
|
Linux <535.230.02 | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Nvidia Treiber Linux <550.144.03
Nvidia / Treiber
|
Linux <550.144.03 | ||
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
Nvidia Treiber Windows <539.19
Nvidia / Treiber
|
Windows <539.19 | ||
|
Nvidia Treiber Windows <553.62
Nvidia / Treiber
|
Windows <553.62 | ||
|
Nvidia Treiber vGPU Software <16.9
Nvidia / Treiber
|
vGPU Software <16.9 | ||
|
Nvidia Treiber vGPU Software <17.5
Nvidia / Treiber
|
vGPU Software <17.5 |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nvidia Treiber Linux <535.230.02
Nvidia / Treiber
|
Linux <535.230.02 | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Nvidia Treiber Linux <550.144.03
Nvidia / Treiber
|
Linux <550.144.03 | ||
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
Nvidia Treiber Windows <539.19
Nvidia / Treiber
|
Windows <539.19 | ||
|
Nvidia Treiber Windows <553.62
Nvidia / Treiber
|
Windows <553.62 | ||
|
Nvidia Treiber vGPU Software <16.9
Nvidia / Treiber
|
vGPU Software <16.9 | ||
|
Nvidia Treiber vGPU Software <17.5
Nvidia / Treiber
|
vGPU Software <17.5 |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Nvidia Treiber Linux <535.230.02
Nvidia / Treiber
|
Linux <535.230.02 | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Nvidia Treiber Linux <550.144.03
Nvidia / Treiber
|
Linux <550.144.03 | ||
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
HP Computer
HP
|
cpe:/h:hp:computer:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
Nvidia Treiber Windows <539.19
Nvidia / Treiber
|
Windows <539.19 | ||
|
Nvidia Treiber Windows <553.62
Nvidia / Treiber
|
Windows <553.62 | ||
|
Nvidia Treiber vGPU Software <16.9
Nvidia / Treiber
|
vGPU Software <16.9 | ||
|
Nvidia Treiber vGPU Software <17.5
Nvidia / Treiber
|
vGPU Software <17.5 |
References
15 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "NVidia ist ein Hersteller von Grafikkarten.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Nvidia Treiber ausnutzen, um beliebigen Programmcode auszuf\u00fchren, vertrauliche Informationen preiszugeben, Dateien zu manipulieren oder einen Denial-of-Service-Zustand zu erzeugen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0112 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0112.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0112 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0112"
},
{
"category": "external",
"summary": "NVIDIA Security Bulletin vom 2025-01-16",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5614"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0208-1 vom 2025-01-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020181.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0208-1 vom 2025-01-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/W62IRYVH7B2VEA4GDOLEFC5X55NCMB6L/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0207-1 vom 2025-01-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YPRCWB3A5EJFJXM4LJOOCSKH667ZDOU5/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0208-1 vom 2025-01-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/W62IRYVH7B2VEA4GDOLEFC5X55NCMB6L/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0207-1 vom 2025-01-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020182.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-030 vom 2025-01-21",
"url": "https://www.dell.com/support/kbdoc/de-de/000261121/dsa-2025-030"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0207-1 vom 2025-01-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YPRCWB3A5EJFJXM4LJOOCSKH667ZDOU5/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:14667-1 vom 2025-01-22",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BKYZH6NZQXT63KTLGEJP3UP57QCHEDHV/"
},
{
"category": "external",
"summary": "Lenovo Security Advisory LEN-182878 vom 2025-02-12",
"url": "https://support.lenovo.com/us/en/product_security/LEN-182878"
},
{
"category": "external",
"summary": "HP Security Bulletin HPSBHF04014 vom 2025-01-29",
"url": "https://support.hp.com/de-de/document/ish_12185965-12185989-16/HPSBHF04014"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20327-1 vom 2025-05-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020910.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20319-1 vom 2025-05-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020912.html"
}
],
"source_lang": "en-US",
"title": "Nvidia Treiber: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-05-27T22:00:00.000+00:00",
"generator": {
"date": "2025-05-28T11:52:09.830+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0112",
"initial_release_date": "2025-01-16T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-01-16T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-01-21T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE und Dell aufgenommen"
},
{
"date": "2025-01-22T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-02-11T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von LENOVO aufgenommen"
},
{
"date": "2025-03-31T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2025-05-27T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "6"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Dell Computer",
"product": {
"name": "Dell Computer",
"product_id": "T036868",
"product_identification_helper": {
"cpe": "cpe:/o:dell:dell_computer:-"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "HP Computer",
"product": {
"name": "HP Computer",
"product_id": "T030989",
"product_identification_helper": {
"cpe": "cpe:/h:hp:computer:-"
}
}
}
],
"category": "vendor",
"name": "HP"
},
{
"branches": [
{
"category": "product_name",
"name": "Lenovo Computer",
"product": {
"name": "Lenovo Computer",
"product_id": "T026557",
"product_identification_helper": {
"cpe": "cpe:/h:lenovo:computer:-"
}
}
}
],
"category": "vendor",
"name": "Lenovo"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vGPU Software \u003c17.5",
"product": {
"name": "Nvidia Treiber vGPU Software \u003c17.5",
"product_id": "T040376"
}
},
{
"category": "product_version",
"name": "vGPU Software 17.5",
"product": {
"name": "Nvidia Treiber vGPU Software 17.5",
"product_id": "T040376-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nvidia:display_driver:vgpu_software__17.5"
}
}
},
{
"category": "product_version_range",
"name": "vGPU Software \u003c16.9",
"product": {
"name": "Nvidia Treiber vGPU Software \u003c16.9",
"product_id": "T040377"
}
},
{
"category": "product_version",
"name": "vGPU Software 16.9",
"product": {
"name": "Nvidia Treiber vGPU Software 16.9",
"product_id": "T040377-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nvidia:display_driver:vgpu_software__16.9"
}
}
},
{
"category": "product_version_range",
"name": "Windows \u003c553.62",
"product": {
"name": "Nvidia Treiber Windows \u003c553.62",
"product_id": "T040378"
}
},
{
"category": "product_version",
"name": "Windows 553.62",
"product": {
"name": "Nvidia Treiber Windows 553.62",
"product_id": "T040378-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nvidia:display_driver:windows__553.62"
}
}
},
{
"category": "product_version_range",
"name": "Windows \u003c539.19",
"product": {
"name": "Nvidia Treiber Windows \u003c539.19",
"product_id": "T040379"
}
},
{
"category": "product_version",
"name": "Windows 539.19",
"product": {
"name": "Nvidia Treiber Windows 539.19",
"product_id": "T040379-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nvidia:display_driver:windows__539.19"
}
}
},
{
"category": "product_version_range",
"name": "Linux \u003c550.144.03",
"product": {
"name": "Nvidia Treiber Linux \u003c550.144.03",
"product_id": "T040380"
}
},
{
"category": "product_version",
"name": "Linux 550.144.03",
"product": {
"name": "Nvidia Treiber Linux 550.144.03",
"product_id": "T040380-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nvidia:display_driver:linux__550.144.03"
}
}
},
{
"category": "product_version_range",
"name": "Linux \u003c535.230.02",
"product": {
"name": "Nvidia Treiber Linux \u003c535.230.02",
"product_id": "T040381"
}
},
{
"category": "product_version",
"name": "Linux 535.230.02",
"product": {
"name": "Nvidia Treiber Linux 535.230.02",
"product_id": "T040381-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nvidia:display_driver:linux__535.230.02"
}
}
}
],
"category": "product_name",
"name": "Treiber"
}
],
"category": "vendor",
"name": "Nvidia"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-0131",
"product_status": {
"known_affected": [
"T040381",
"T002207",
"T040380",
"T036868",
"T027843",
"T030989",
"T026557",
"T040379",
"T040378",
"T040377",
"T040376"
]
},
"release_date": "2025-01-16T23:00:00.000+00:00",
"title": "CVE-2024-0131"
},
{
"cve": "CVE-2024-0146",
"product_status": {
"known_affected": [
"T040381",
"T002207",
"T040380",
"T036868",
"T027843",
"T030989",
"T026557",
"T040379",
"T040378",
"T040377",
"T040376"
]
},
"release_date": "2025-01-16T23:00:00.000+00:00",
"title": "CVE-2024-0146"
},
{
"cve": "CVE-2024-0147",
"product_status": {
"known_affected": [
"T040381",
"T002207",
"T040380",
"T036868",
"T027843",
"T030989",
"T026557",
"T040379",
"T040378",
"T040377",
"T040376"
]
},
"release_date": "2025-01-16T23:00:00.000+00:00",
"title": "CVE-2024-0147"
},
{
"cve": "CVE-2024-0149",
"product_status": {
"known_affected": [
"T040381",
"T002207",
"T040380",
"T036868",
"T027843",
"T030989",
"T026557",
"T040379",
"T040378",
"T040377",
"T040376"
]
},
"release_date": "2025-01-16T23:00:00.000+00:00",
"title": "CVE-2024-0149"
},
{
"cve": "CVE-2024-0150",
"product_status": {
"known_affected": [
"T040381",
"T002207",
"T040380",
"T036868",
"T027843",
"T030989",
"T026557",
"T040379",
"T040378",
"T040377",
"T040376"
]
},
"release_date": "2025-01-16T23:00:00.000+00:00",
"title": "CVE-2024-0150"
},
{
"cve": "CVE-2024-53869",
"product_status": {
"known_affected": [
"T040381",
"T002207",
"T040380",
"T036868",
"T027843",
"T030989",
"T026557",
"T040379",
"T040378",
"T040377",
"T040376"
]
},
"release_date": "2025-01-16T23:00:00.000+00:00",
"title": "CVE-2024-53869"
},
{
"cve": "CVE-2024-53881",
"product_status": {
"known_affected": [
"T040381",
"T002207",
"T040380",
"T036868",
"T027843",
"T030989",
"T026557",
"T040379",
"T040378",
"T040377",
"T040376"
]
},
"release_date": "2025-01-16T23:00:00.000+00:00",
"title": "CVE-2024-53881"
},
{
"cve": "CVE-2024-53889",
"product_status": {
"known_affected": [
"T040381",
"T002207",
"T040380",
"T036868",
"T027843",
"T030989",
"T026557",
"T040379",
"T040378",
"T040377",
"T040376"
]
},
"release_date": "2025-01-16T23:00:00.000+00:00",
"title": "CVE-2024-53889"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…