Out-of-Bounds Read Vulnerability in NVIDIA CUDA Toolkit for Windows
CVE-2024-53873
3.3LOW
Summary
A vulnerability exists in the NVIDIA CUDA toolkit for Windows, specifically in the cuobjdump binary. This flaw enables an attacker to trigger an out-of-bounds read by supplying a malformed ELF file to the cuobjdump utility. The implications of exploiting this vulnerability may include a partial denial of service, impacting the availability of associated services and functionalities. Organizations utilizing the CUDA Toolkit should take immediate steps to evaluate their security posture and implement necessary updates to safeguard against potential exploitation.
Affected Version(s)
CUDA Toolkit Windows All versions up to CUDA Toolkit 12.8
References
CVSS V3.1
Score:
3.3
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved