CVE-2024-0085

{"id": "CVE-2024-0085", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@nvidia.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 1.0}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2024-06-13T22:15:11.483", "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", "tags": ["Vendor Advisory"], "source": "psirt@nvidia.com"}, {"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5551", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "psirt@nvidia.com", "description": [{"lang": "en", "value": "CWE-266"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "NVIDIA vGPU software for Windows and Linux contains a vulnerability where unprivileged users could execute privileged operations on the host. A successful exploit of this vulnerability might lead to data tampering, escalation of privileges, and denial of service."}, {"lang": "es", "value": "El software NVIDIA vGPU para Windows y Linux contiene una vulnerabilidad por la que usuarios sin privilegios podr\u00edan ejecutar operaciones privilegiadas en el host. Una explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda provocar manipulaci\u00f3n de datos, escalada de privilegios y denegaci\u00f3n de servicio."}], "lastModified": "2024-11-21T08:45:51.727", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44592EFE-8D69-4B7F-B089-A612B5217199", "versionEndExcluding": "13.11"}, {"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5CBF021-7A5A-412A-BBC2-EB75C6343BB1", "versionEndExcluding": "16.6", "versionStartIncluding": "14.0"}, {"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DFC08A7-3121-4D8F-88A6-9304C173A439", "versionEndExcluding": "17.2", "versionStartIncluding": "17.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:vsphere:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A83E0A15-0D3D-453F-B11F-F0B493ECD208"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "019A2188-0877-45DE-8512-F0BF70DD179C"}, {"criteria": "cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F7AE5C32-E060-44BA-8C13-3D73204191EE"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "06C8B1C5-6401-45F9-8D3E-47E32067F428"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "699C6D58-B26C-4F27-A1BD-A1A80E0D6A36", "versionEndExcluding": "555.52.04"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "06C8B1C5-6401-45F9-8D3E-47E32067F428"}, {"criteria": "cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8E4A22C5-B3E1-4106-997C-D1C845F2C1EE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6907E2B7-9C1A-4964-A6D3-CF16E376B91E", "versionEndExcluding": "17.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:azure_stack_hci:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1CF31A34-9492-498F-8A78-F233C0075CB2"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@nvidia.com"}