CVE-2024-0127 HIGH

CVE-2024-0127

Vendor Nvidia
Product vGPU and Cloud Gaming
Weakness CWE-20 · Input validation
Published October 26, 2024
Last update November 1, 2024
View on NVD All CVEs

CVSS base score

7.8/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

NVIDIA vGPU software contains a vulnerability in the GPU kernel driver of the vGPU Manager for all supported hypervisors, where a user of the guest OS can cause an improper input validation by compromising the guest OS kernel. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.

Key dates

02Disclosure timeline

October 26, 2024 CVE published
November 1, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-8097 WoodMart - Multipurpose WooCommerce Theme <= 8.2.6 - Improper Input Validation Leading to Unauthenticated Cart Manipulation CVE-2026-21496 NULL Pointer Dereference in iccDEV Signature Parser CVE-2024-55630 DOM Clobbering leads to temporary DOS in the note viewer in Joplin CVE-2020-3526 Cisco IOS XE Software Common Open Policy Service Engine Denial of Service Vulnerability CVE-2021-37665 Incomplete validation in MKL requantization in TensorFlow