Out-of-Bounds Read Vulnerability in NVIDIA CUDA Toolkit for Linux and Windows
CVE-2023-25514

6.6MEDIUM

Key Information:

Vendor: Nvidia
Status: Nvidia Cuda Toolkit
Vendor: CVE Published:; 22 April 2023

What is CVE-2023-25514?

The NVIDIA CUDA Toolkit for Linux and Windows is susceptible to an out-of-bounds read vulnerability found in the cuobjdump component. Attackers could exploit this vulnerability by enticing a user into executing cuobjdump with a specially crafted malformed input file. This exploitation could allow for limited denial of service, potential code execution, and restricted information disclosure, thereby putting systems at risk. Users are advised to review and apply necessary security measures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

NVIDIA CUDA Toolkit All versions prior to 12.1 Update 1

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5456

CVSS V3.1

Score:

6.6

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 22, 2023
Vulnerability Reserved
Feb 7, 2023

JSON

Nvidia