CVE-2024-0118

EUVD-2024-15919
NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
nvidiagpu_display_driver
565 ≤
𝑥
< 566.03
ADP
nvidiagpu_display_driver
550 ≤
𝑥
< 553.24
ADP
nvidiagpu_display_driver
535 ≤
𝑥
< 538.95
ADP
nvidiavirtual_gpu
𝑥
< 16.8
ADP
nvidiavirtual_gpu
17.0 ≤
𝑥
< 17.4
ADP
nvidiacloud_gaming_guest
𝑥
< 566.03
ADP
Common Weakness Enumeration
References
https://nvidia.custhelp.com/app/answers/detail/a_id/5586
https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2013