CVE-2024-0146 HIGH

CVE-2024-0146

Vendor Nvidia
Product NVIDIA vGPU software
Weakness CWE-120
Published January 28, 2025
Last update January 28, 2025

CVSS base score

7.8/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering.

Key dates

02Disclosure timeline

January 28, 2025 CVE published
January 28, 2025 Record updated