CVE-2024-0131

Description

NVIDIA GPU kernel driver for Windows and Linux contains a vulnerability where a potential user-mode attacker could read  a buffer with an incorrect length. A successful exploit of this vulnerability might lead to denial of service.

How to fix CVE-2024-0131

To remediate CVE-2024-0131, upgrade the affected package to a fixed version below.

• Debian/nvidia-graphics-drivers—no fix listed
• —no fix listed
• —upgrade to 525.147.05-6 or later
• —no fix listed
• —upgrade to 450.248.02-4 or later
• —upgrade to 460.106.00-3 or later
• —no fix listed
• —no fix listed
• —upgrade to 535.247.01-1~deb12u1 or later

Is CVE-2024-0131 being exploited?

Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.

Affected packages (9)

• from 0
• from 0
• from 0, < 525.147.05-6
• from 0
• from 0, < 450.248.02-4
• from 0, < 460.106.00-3
• from 0
• from 0
• from 0, < 535.247.01-1~deb12u1

CVSS scores

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2024-0131