NULL Pointer Dereference Vulnerability in NVIDIA CUDA Toolkit for Linux and Windows
CVE-2023-25523

3.3LOW

Key Information:

Vendor: Nvidia
Status: Cuda Toolkit
Vendor: CVE Published:; 4 July 2023

Summary

The NVIDIA CUDA toolkit for both Linux and Windows platforms has a vulnerability in the nvdisasm binary file. This issue arises from the processing of malformed ELF files, which could lead to a NULL pointer dereference. Attackers exploiting this vulnerability may trigger a partial denial of service, impacting system stability. Organizations using this toolkit should review their configurations and apply necessary patches to mitigate the risk.

Affected Version(s)

CUDA Toolkit All versions prior to CUDA Toolkit v12.2

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5469

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 4, 2023
Vulnerability Reserved
Feb 7, 2023