Vulnerability in NVIDIA CUDA Toolkit Affecting Multiple Platforms
CVE-2024-0076

3.3LOW

Key Information:

Vendor: Nvidia
Status: Nvidia Cuda Toolkit
Vendor: CVE Published:; 5 April 2024

Summary

The NVIDIA CUDA Toolkit exposes a vulnerability within its cuobjdump and nvdisasm tools. Attackers can exploit this issue by persuading users to process a crafted ELF file, potentially leading to application crashes. This flaw raises concerns about the robustness of applications relying on these tools and underscores the need for vigilant security practices when handling executable files.

Affected Version(s)

NVIDIA CUDA Toolkit All versions prior to CUDA Toolkit v12.4

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5517

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 5, 2024