Out-of-Bounds Read Vulnerability in NVIDIA CUDA Toolkit SDK
CVE-2023-0193

4.4MEDIUM

Key Information:

Vendor: Nvidia
Status: Nvidia Cuda Toolkit
Vendor: CVE Published:; 10 March 2023

What is CVE-2023-0193?

The NVIDIA CUDA Toolkit SDK features a vulnerability within the cuobjdump tool that allows a local user to execute the tool against a malicious binary. This exploitation could trigger an out-of-bounds read, leading to a limited denial of service and the potential for limited information disclosure, posing risks for system security. It is essential for users of the CUDA Toolkit SDK to be aware of this vulnerability and adopt appropriate measures to mitigate associated risks.

Affected Version(s)

NVIDIA CUDA Toolkit Windows All versions prior to 12.1

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5446

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 10, 2023
Vulnerability Reserved
Jan 11, 2023

Nvidia

What is CVE-2023-0193?

Affected Version(s)

References

CVSS V3.1

Timeline