CVE-2023-0193

4.4MEDIUM

Key Information:

Vendor
NVIDIA
Status
NVIDIA CUDA Toolkit
Vendor
CVE Published:
10 March 2023

Summary

NVIDIA CUDA Toolkit SDK contains a vulnerability in cuobjdump, where a local user running the tool against a malicious binary may cause an out-of-bounds read, which may result in a limited denial of service and limited information disclosure.

Affected Version(s)

NVIDIA CUDA Toolkit Windows All versions prior to 12.1

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5446

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.