CVE-2024-0150 in GPU Display Driver
Summary
by MITRE • 01/28/2025
NVIDIA GPU display driver for Windows and Linux contains a vulnerability where data is written past the end or before the beginning of a buffer. A successful exploit of this vulnerability might lead to information disclosure, denial of service, or data tampering.
Analysis
by VulDB Data Team • 08/04/2025
The vulnerability identified as CVE-2024-0150 represents a critical buffer overflow flaw within NVIDIA's GPU display drivers for both Windows and Linux operating systems. This issue stems from improper bounds checking during memory operations within the graphics driver code, specifically affecting the driver's handling of graphical data processing and display management functions. The flaw manifests when the driver processes certain graphical commands or data streams that exceed predetermined buffer boundaries, creating opportunities for malicious actors to manipulate memory regions beyond intended limits.
This vulnerability aligns with CWE-121, which describes stack-based buffer overflow conditions where data is written past the end of a buffer. The flaw lies in the driver's memory management subsystem, where validation is insufficient before graphical data is written to allocated memory regions. Attackers can potentially exploit this by crafting specially formatted graphics commands or display operations that trigger the buffer overflow condition. The vulnerability's impact extends beyond simple memory corruption, as it can be leveraged for information disclosure through memory content leakage, denial of service by crashing the graphics subsystem, or even data tampering by overwriting critical driver variables and control structures.
From an operational perspective, this vulnerability presents significant risk to systems utilizing NVIDIA GPUs, particularly in enterprise environments where graphics-intensive applications are common. The exploitability of CVE-2024-0150 is enhanced by the fact that it affects both Windows and Linux platforms, broadening the potential attack surface across diverse computing environments. The vulnerability can be triggered through normal graphics processing activities, making it particularly dangerous as it may not require specialized privileges or direct user interaction. Systems running affected NVIDIA drivers could be compromised through various attack vectors including malicious software installations, web browsing activities, or even legitimate applications that utilize graphics acceleration features.
The attack surface for this vulnerability is further expanded by the widespread adoption of NVIDIA GPUs in both consumer and enterprise computing environments, creating numerous potential entry points for adversaries. The flaw's potential for information disclosure means that sensitive data stored in GPU memory or related system memory regions could be accessed by attackers. Additionally, the denial of service aspect could disrupt critical operations in graphics-dependent applications or systems, while data tampering capabilities could allow for more sophisticated attacks targeting system integrity. Organizations should consider implementing mitigations such as driver updates, application whitelisting, and network segmentation to reduce exposure. The vulnerability's classification aligns with ATT&CK technique T1059 for execution through graphics processing, and T1566 for initial access via software supply chain compromises that could exploit this flaw in driver installations.