CVE-2024-0084

Name of the Vulnerable Software and Affected Versions NVIDIA vGPU software for Linux (affected versions not specified) NVIDIA GPU Display Driver for Linux (affected versions not specified)

Description The issue is related to errors in access control, allowing an attacker to execute arbitrary code, elevate privileges, or disclose protected information. A successful exploit might lead to information disclosure, data tampering, escalation of privileges, and denial of service. The vulnerability is in the Virtual GPU Manager, where the guest OS could execute privileged operations.

Recommendations For NVIDIA vGPU software for Linux, consider disabling the Virtual GPU Manager until a patch is available to prevent the guest OS from executing privileged operations. For NVIDIA GPU Display Driver for Linux, restrict access to the driver to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.