CVE-2024-0150

Description

NVIDIA GPU display driver for Windows and Linux contains a vulnerability where data is written past the end or before the beginning of a buffer. A successful exploit of this vulnerability might lead to information disclosure, denial of service, or data tampering.

How to fix CVE-2024-0150

To remediate CVE-2024-0150, upgrade the affected package to a fixed version below.

• Debian/nvidia-graphics-drivers—no fix listed
• —no fix listed
• —upgrade to 525.147.05-6 or later
• —no fix listed
• —upgrade to 450.248.02-4 or later
• —upgrade to 460.106.00-3 or later
• —no fix listed
• —no fix listed
• —upgrade to 535.247.01-1~deb12u1 or later

Is CVE-2024-0150 being exploited?

Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.

Affected packages (9)

• from 0
• from 0
• from 0, < 525.147.05-6
• from 0
• from 0, < 450.248.02-4
• from 0, < 460.106.00-3
• from 0
• from 0
• from 0, < 535.247.01-1~deb12u1

CVSS scores

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2024-0150