Stack-based Buffer Overflow Vulnerability in NVIDIA CUDA Toolkit SDK
CVE-2022-34667

4.4MEDIUM

Key Information:

Vendor
Nvidia
Vendor
CVE Published:
19 November 2022

Summary

The NVIDIA CUDA Toolkit SDK has a stack-based buffer overflow vulnerability found in the cuobjdump component. This flaw may allow an unprivileged remote attacker to exploit the vulnerability by convincing a local user to download and execute a specially crafted corrupted file with cuobjdump. If successfully exploited, this could result in a limited denial of service and potential data integrity issues for the affected local user.

Affected Version(s)

NVIDIA CUDA Toolkit All versions prior to 11.8

References

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.