CVE-2024-0091: CVE
First published: Thu Jun 13 2024(Updated: )
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering.
Credit: psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Any of | ||
| NVIDIA GPU Display Driver | >=550<552.55 | |
| NVIDIA GPU Display Driver | >=555<555.99 | |
| Any of | ||
| NVIDIA GeForce | ||
| NVIDIA NVS Firmware | ||
| NVIDIA Quadro | ||
| NVIDIA RTX | ||
| NVIDIA Studio | ||
| NVIDIA tesla | ||
| All of | ||
| Any of | ||
| NVIDIA GPU Display Driver Linux | >=550<550.90.07 | |
| NVIDIA GPU Display Driver Linux | >=555<555.52.04 | |
| Any of | ||
| NVIDIA GeForce | ||
| NVIDIA NVS Firmware | ||
| NVIDIA Quadro | ||
| NVIDIA RTX | ||
| NVIDIA tesla | ||
| All of | ||
| Any of | ||
| NVIDIA vGPU Software | <13.11 | |
| NVIDIA vGPU Software | >=14.0<16.6 | |
| NVIDIA vGPU Software | >=17.0<17.2 | |
| Any of | ||
| Ubuntu | ||
| Citrix Hypervisor | ||
| Linux Kernel | ||
| Microsoft Windows | ||
| Red Hat Enterprise Linux Kernel-based Virtual Machine | ||
| VMware vSphere | ||
| All of | ||
| NVIDIA Cloud Gaming | <555.99 | |
| Microsoft Windows | ||
| All of | ||
| NVIDIA Cloud Gaming | <555.52.04 | |
| Any of | ||
| Linux Kernel | ||
| Red Hat Enterprise Linux Kernel-based Virtual Machine | ||
| VMware vSphere | ||
| All of | ||
| NVIDIA vGPU Software | <17.2 | |
| Microsoft Azure Stack HCI |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-0091?
CVE-2024-0091 is considered to have a medium severity due to its potential to cause denial of service and data tampering.
How do I fix CVE-2024-0091?
To fix CVE-2024-0091, update the NVIDIA GPU Display Driver to the latest version provided by NVIDIA.
What systems are affected by CVE-2024-0091?
CVE-2024-0091 affects specific versions of the NVIDIA GPU Display Driver on both Windows and Linux operating systems.
What are the potential impacts of CVE-2024-0091?
Exploitation of CVE-2024-0091 can lead to denial of service, information disclosure, and data tampering.
Are NVIDIA GeForce or Quadro products affected by CVE-2024-0091?
No, NVIDIA GeForce and Quadro products are not affected by CVE-2024-0091.
- agent/references
- agent/weakness
- agent/title
- agent/first-publish-date
- agent/type
- agent/description
- agent/severity
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/nvidia
- canonical/nvidia gpu display driver
- version/nvidia gpu display driver/550
- version/nvidia gpu display driver/555
- canonical/nvidia geforce
- canonical/nvidia nvs firmware
- canonical/nvidia quadro
- canonical/nvidia rtx
- canonical/nvidia studio
- canonical/nvidia tesla
- canonical/nvidia gpu display driver linux
- version/nvidia gpu display driver linux/550
- version/nvidia gpu display driver linux/555
- canonical/nvidia vgpu software
- version/nvidia vgpu software/14.0
- version/nvidia vgpu software/17.0
- vendor/canonical
- canonical/ubuntu
- vendor/citrix
- canonical/citrix hypervisor
- vendor/linux
- canonical/linux kernel
- vendor/microsoft
- canonical/microsoft windows
- vendor/redhat
- canonical/red hat enterprise linux kernel-based virtual machine
- vendor/vmware
- canonical/vmware vsphere
- canonical/nvidia cloud gaming
- canonical/microsoft azure stack hci