Local User Vulnerability in NVIDIA CUDA Toolkit cuobjdump Tool
CVE-2023-0196

3.3LOW

Key Information:

Vendor: NVIDIA
Status: NVIDIA CUDA Toolkit
Vendor: CVE Published:; 2 March 2023

Summary

The NVIDIA CUDA Toolkit SDK has a vulnerability in its cuobjdump tool that allows a local user to exploit ill-formed binaries. This flaw can lead to a null-pointer dereference, which in turn may result in limited denial of service, impacting the availability of the tool for legitimate users.

Affected Version(s)

NVIDIA CUDA Toolkit Windows All versions prior to 12.1

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5446

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 2, 2023
Vulnerability Reserved
Jan 11, 2023