kmod-nvidia CVE-2024-0075

Moderate

jpculp published GHSA-926h-xffc-8mqw

Mar 1, 2024

Package

kmod-5.15-nvidia (bottlerocket)

Affected versions

< 1.19.2

Patched versions

1.19.2

kmod-6.1-nvidia (bottlerocket)

< 1.19.2

1.19.2

Description

The NVIDIA GPU display driver for Linux contains a NULL-pointer dereference flaw because of a missing validation check when accessing parameters, which may lead to denial of service.

Severity

Moderate

/ 10

CVSS v3 base metrics

Attack vector

Local

Attack complexity

Low

Privileges required

Low

User interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

High

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H