CVE-2024-0084: CVE
First published: Thu Jun 13 2024(Updated: )
NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could execute privileged operations. A successful exploit of this vulnerability might lead to information disclosure, data tampering, escalation of privileges, and denial of service.
Credit: psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Any of | ||
| NVIDIA vGPU Software | <13.11 | |
| NVIDIA vGPU Software | >=14.0<16.6 | |
| NVIDIA vGPU Software | >=17.0<17.2 | |
| Any of | ||
| Ubuntu | ||
| Citrix Hypervisor | ||
| Red Hat Enterprise Linux Kernel-based Virtual Machine | ||
| VMware vSphere | ||
| All of | ||
| NVIDIA Cloud Gaming | <555.52.04 | |
| Any of | ||
| Red Hat Enterprise Linux Kernel-based Virtual Machine | ||
| VMware vSphere |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-0084?
The severity of CVE-2024-0084 is significant, as it allows the guest operating system to execute privileged operations potentially leading to information disclosure and privilege escalation.
How do I fix CVE-2024-0084?
To fix CVE-2024-0084, you should update your NVIDIA vGPU software to the latest version beyond the affected versions listed in the vulnerability report.
What systems are affected by CVE-2024-0084?
CVE-2024-0084 affects NVIDIA vGPU software versions prior to 13.11 and between 14.0 and 17.2, along with NVIDIA Cloud Gaming versions below 555.52.04.
What are the potential impacts of CVE-2024-0084 if exploited?
Exploitation of CVE-2024-0084 could lead to information disclosure, data tampering, escalation of privileges, and denial of service.
Is CVE-2024-0084 related to specific environments?
CVE-2024-0084 specifically impacts environments using NVIDIA vGPU software and may affect virtualized systems if the software is outdated.
- agent/references
- agent/weakness
- agent/title
- agent/first-publish-date
- agent/type
- agent/description
- agent/severity
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/nvidia
- canonical/nvidia vgpu software
- version/nvidia vgpu software/14.0
- version/nvidia vgpu software/17.0
- vendor/canonical
- canonical/ubuntu
- vendor/citrix
- canonical/citrix hypervisor
- vendor/redhat
- canonical/red hat enterprise linux kernel-based virtual machine
- vendor/vmware
- canonical/vmware vsphere
- canonical/nvidia cloud gaming