CVE-2024-0107
First published: Thu Aug 08 2024(Updated: )
NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
Credit: psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Any of | ||
| NVIDIA GPU Display Driver | >=470<475.14 | |
| NVIDIA GPU Display Driver | >=555<556.12 | |
| NVIDIA GeForce | ||
| All of | ||
| Any of | ||
| NVIDIA GPU Display Driver | >=470<475.14 | |
| NVIDIA GPU Display Driver | >=535<538.78 | |
| NVIDIA GPU Display Driver | >=550<552.74 | |
| Any of | ||
| NVIDIA Quadro | ||
| NVIDIA RTX | ||
| NVIDIA tesla | ||
| All of | ||
| Any of | ||
| NVIDIA vGPU Software | <13.12 | |
| NVIDIA vGPU Software | >=14.0<16.7 | |
| NVIDIA vGPU Software | >=17.0<17.3 | |
| Microsoft Windows | ||
| All of | ||
| NVIDIA Cloud Gaming | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-0107?
CVE-2024-0107 has a high severity rating due to potential exploitation leading to code execution and privilege escalation.
How do I fix CVE-2024-0107?
Fix CVE-2024-0107 by updating your NVIDIA GPU Display Driver to a version that is not affected by this vulnerability.
Who is affected by CVE-2024-0107?
CVE-2024-0107 affects users of certain versions of the NVIDIA GPU Display Driver for Windows, specifically those between versions 470 and 475.14 and certain other specified ranges.
What are the potential impacts of CVE-2024-0107?
Exploitation of CVE-2024-0107 can lead to code execution, denial of service, privilege escalation, and information disclosure.
Is there a workaround for CVE-2024-0107?
There are no known workarounds for CVE-2024-0107; updating the driver is the recommended action.
- agent/weakness
- agent/references
- agent/description
- agent/first-publish-date
- agent/type
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- agent/source
- vendor/nvidia
- canonical/nvidia gpu display driver
- version/nvidia gpu display driver/470
- version/nvidia gpu display driver/555
- canonical/nvidia geforce
- version/nvidia gpu display driver/535
- version/nvidia gpu display driver/550
- canonical/nvidia quadro
- canonical/nvidia rtx
- canonical/nvidia tesla
- canonical/nvidia vgpu software
- version/nvidia vgpu software/14.0
- version/nvidia vgpu software/17.0
- vendor/microsoft
- canonical/microsoft windows
- canonical/nvidia cloud gaming