{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-0090", "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "state": "PUBLISHED", "assignerShortName": "nvidia", "dateReserved": "2023-12-02T00:41:59.934Z", "datePublished": "2024-06-13T21:23:28.800Z", "dateUpdated": "2024-08-01T17:41:15.818Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "GPU display driver, vGPU software, and Cloud Gaming", "vendor": "nvidia", "versions": [{"status": "affected", "version": "All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": true, "type": "text/html", "value": "NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."}], "value": "NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."}], "impacts": [{"descriptions": [{"lang": "en", "value": "Code execution, denial of service, escalation of privileges, information disclosure, data tampering"}]}], "metrics": [{"cvssV3_1": {"baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-787", "description": "CWE-787", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "shortName": "nvidia", "dateUpdated": "2024-06-13T21:23:28.800Z"}, "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5551"}], "source": {"discovery": "UNKNOWN"}, "title": "CVE"}, "adp": [{"affected": [{"vendor": "nvidia", "product": "gpu_display_driver", "cpes": ["cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "17.1", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThanOrEqual": "16.5", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThanOrEqual": "13.10", "versionType": "custom"}]}, {"vendor": "nvidia", "product": "virtual_gpu", "cpes": ["cpe:2.3:a:nvidia:virtual_gpu:-:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "16.5", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThanOrEqual": "17.1", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThanOrEqual": "13.10", "versionType": "custom"}]}, {"vendor": "nvidia", "product": "cloud_gaming", "cpes": ["cpe:2.3:a:nvidia:cloud_gaming:-:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "13.10", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThanOrEqual": "17.1", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThanOrEqual": "16.5", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-14T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2024-0090"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-15T03:55:33.792Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T17:41:15.818Z"}, "title": "CVE Program Container", "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T17:41:15.818Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-0090", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-06-14T19:03:39.890811Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:*:*:*"], "vendor": "nvidia", "product": "gpu_display_driver", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "17.1"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "16.5"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "13.10"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:nvidia:virtual_gpu:-:*:*:*:*:*:*:*"], "vendor": "nvidia", "product": "virtual_gpu", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "16.5"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "17.1"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "13.10"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:nvidia:cloud_gaming:-:*:*:*:*:*:*:*"], "vendor": "nvidia", "product": "cloud_gaming", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "13.10"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "17.1"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "16.5"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-14T19:08:05.546Z"}}], "cna": {"title": "CVE", "source": {"discovery": "UNKNOWN"}, "impacts": [{"descriptions": [{"lang": "en", "value": "Code execution, denial of service, escalation of privileges, information disclosure, data tampering"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "nvidia", "product": "GPU display driver, vGPU software, and Cloud Gaming", "versions": [{"status": "affected", "version": "All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5551"}], "descriptions": [{"lang": "en", "value": "NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.", "supportingMedia": [{"type": "text/html", "value": "NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.", "base64": true}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787"}]}], "providerMetadata": {"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "shortName": "nvidia", "dateUpdated": "2024-06-13T21:23:28.800Z"}}}, "cveMetadata": {"cveId": "CVE-2024-0090", "state": "PUBLISHED", "dateUpdated": "2024-08-01T17:41:15.818Z", "dateReserved": "2023-12-02T00:41:59.934Z", "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "datePublished": "2024-06-13T21:23:28.800Z", "assignerShortName": "nvidia"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", "matchCriteriaId": "32EB51D2-1F34-4D1D-8B23-4029E350140F", "versionEndExcluding": "475.06", "versionStartIncluding": "470", "vulnerable": true}, {"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", "matchCriteriaId": "6A930DF9-CB95-4BE4-999C-D75AB2C8C4AC", "versionEndExcluding": "538.67", "versionStartIncluding": "535", "vulnerable": true}, {"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", "matchCriteriaId": "5C44719A-BFA0-479C-97D4-26301F4E2C63", "versionEndExcluding": "552.55", "versionStartIncluding": "550", "vulnerable": true}, {"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*", "matchCriteriaId": "940E9BEA-9FBE-4E3B-A79D-111C52653E5F", "versionEndExcluding": "555.99", "versionStartIncluding": "555", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", "matchCriteriaId": "24DE5CC2-3787-4605-8EFA-77590E36E960", "vulnerable": false}, {"criteria": "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", "matchCriteriaId": "333646B0-AAD5-4DD7-8940-6334D0A8E77C", "vulnerable": false}, {"criteria": "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", "vulnerable": false}, {"criteria": "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", "matchCriteriaId": "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", "vulnerable": false}, {"criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*", "matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09", "vulnerable": false}, {"criteria": "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", "matchCriteriaId": "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", "matchCriteriaId": "D66C0B72-0A3F-4D61-8BF5-B0BED03014E0", "versionEndExcluding": "470.256.02", "versionStartIncluding": "470", "vulnerable": true}, {"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", "matchCriteriaId": "3EC43E03-3909-4AB5-A9FD-198E55167AD2", "versionEndExcluding": "535.180.01", "versionStartIncluding": "535", "vulnerable": true}, {"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", "matchCriteriaId": "9BEA1462-AA33-4ED9-91CD-737525B9E2C4", "versionEndExcluding": "550.90.07", "versionStartIncluding": "550", "vulnerable": true}, {"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*", "matchCriteriaId": "B0AB9E55-DB20-4FA4-8900-61C224514B49", "versionEndExcluding": "555.52.04", "versionStartIncluding": "555", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*", "matchCriteriaId": "24DE5CC2-3787-4605-8EFA-77590E36E960", "vulnerable": false}, {"criteria": "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*", "matchCriteriaId": "333646B0-AAD5-4DD7-8940-6334D0A8E77C", "vulnerable": false}, {"criteria": "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98", "vulnerable": false}, {"criteria": "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*", "matchCriteriaId": "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7", "vulnerable": false}, {"criteria": "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*", "matchCriteriaId": "D135086F-CA5E-4242-ACBA-C3AC82F4BE03", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", "matchCriteriaId": "44592EFE-8D69-4B7F-B089-A612B5217199", "versionEndExcluding": "13.11", "vulnerable": true}, {"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", "matchCriteriaId": "A5CBF021-7A5A-412A-BBC2-EB75C6343BB1", "versionEndExcluding": "16.6", "versionStartIncluding": "14.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", "matchCriteriaId": "2DFC08A7-3121-4D8F-88A6-9304C173A439", "versionEndExcluding": "17.2", "versionStartIncluding": "17.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:-:*:*:*:*:*:*:*", "matchCriteriaId": "019A2188-0877-45DE-8512-F0BF70DD179C", "vulnerable": false}, {"criteria": "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", "matchCriteriaId": "F7AE5C32-E060-44BA-8C13-3D73204191EE", "vulnerable": false}, {"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", "matchCriteriaId": "06C8B1C5-6401-45F9-8D3E-47E32067F428", "vulnerable": false}, {"criteria": "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C8E669A-9DE1-42BD-94B1-98437BB66002", "versionEndExcluding": "555.99", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", "matchCriteriaId": "699C6D58-B26C-4F27-A1BD-A1A80E0D6A36", "versionEndExcluding": "555.52.04", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", "matchCriteriaId": "06C8B1C5-6401-45F9-8D3E-47E32067F428", "vulnerable": false}, {"criteria": "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", "matchCriteriaId": "6907E2B7-9C1A-4964-A6D3-CF16E376B91E", "versionEndExcluding": "17.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:azure_stack_hci:-:*:*:*:*:*:*:*", "matchCriteriaId": "1CF31A34-9492-498F-8A78-F233C0075CB2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."}, {"lang": "es", "value": "El controlador de GPU NVIDIA para Windows y Linux contiene una vulnerabilidad en la que un usuario puede provocar una escritura fuera de los l\u00edmites. Una explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo, denegaci\u00f3n de servicio, escalada de privilegios, divulgaci\u00f3n de informaci\u00f3n y manipulaci\u00f3n de datos."}], "id": "CVE-2024-0090", "lastModified": "2024-08-15T22:17:49.847", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "psirt@nvidia.com", "type": "Secondary"}]}, "published": "2024-06-13T22:15:12.170", "references": [{"source": "psirt@nvidia.com", "tags": ["Vendor Advisory"], "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5551"}], "sourceIdentifier": "psirt@nvidia.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "psirt@nvidia.com", "type": "Secondary"}]}

{}