CVE-2024-0074

HIGH

NVIDIA GPU Display Driver - Use After Free

Title source: llm

Description

NVIDIA GPU Display Driver for Linux contains a vulnerability where an attacker may access a memory location after the end of the buffer. A successful exploit of this vulnerability may lead to denial of service and data tampering.

References (1)

[Vendor Advisory] https://nvidia.custhelp.com/app/answers/detail/a_id/5520

Scores

CVSS v3 7.1

EPSS 0.0003

EPSS Percentile 9.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-788

Status published

Products (1)

nvidia/GPU Display driver, vGPU driver, Cloud Gaming driver All versions prior to and including 16.3, 13.9, and all versions prior to and including the January

Published Mar 27, 2024

Tracked Since Feb 18, 2026