NVIDIA CUDA Toolkit Vulnerability Could Lead to Limited Denial of Service
CVE-2024-0125

3.3LOW

Key Information:

Vendor: Nvidia
Status: Cuda Toolkit
Vendor: CVE Published:; 3 October 2024

Summary

A vulnerability exists in the NVIDIA CUDA Toolkit affecting the nvdisasm command line tool. This issue arises when a user attempts to process a malformed ELF file, leading to a NULL pointer dereference. If successfully exploited, this vulnerability may result in a limited denial of service, thereby disrupting normal operations of the toolkit. Users are advised to exercise caution and implement safeguards against potentially malformed inputs.

Affected Version(s)

CUDA Toolkit Windows All versions up to and including CUDA Toolkit 12.6U1

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5577

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 3, 2024
Vulnerability Reserved
Dec 2, 2023