mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-01 19:21:37 +00:00
60 lines
2.0 KiB
JSON
60 lines
2.0 KiB
JSON
{
|
|
"id": "CVE-2024-0146",
|
|
"sourceIdentifier": "psirt@nvidia.com",
|
|
"published": "2025-01-28T04:15:09.447",
|
|
"lastModified": "2025-01-28T04:15:09.447",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "El software NVIDIA vGPU contiene una vulnerabilidad en el Administrador de GPU virtual, donde un invitado malintencionado podr\u00eda provocar da\u00f1os en la memoria. Una explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo, la denegaci\u00f3n de servicio, la divulgaci\u00f3n de informaci\u00f3n o la manipulaci\u00f3n de datos."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "psirt@nvidia.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
|
"baseScore": 7.8,
|
|
"baseSeverity": "HIGH",
|
|
"attackVector": "LOCAL",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "LOW",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH"
|
|
},
|
|
"exploitabilityScore": 1.8,
|
|
"impactScore": 5.9
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "psirt@nvidia.com",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-120"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5614",
|
|
"source": "psirt@nvidia.com"
|
|
}
|
|
]
|
|
} |