Out-of-bounds Read Vulnerability in NVIDIA CUDA Toolkit cuobjdump Binary
CVE-2024-53874

3.3LOW

Key Information:

Vendor: Nvidia
Status: Cuda Toolkit
Vendor: CVE Published:; 25 February 2025

Summary

The NVIDIA CUDA toolkit across all platforms is vulnerable due to an issue in the cuobjdump binary. This vulnerability allows an attacker to exploit the software by submitting a malformed ELF (Executable and Linkable Format) file which may lead to an out-of-bounds read. If successfully exploited, this can result in a partial denial of service, compromising system stability and user experience.

Affected Version(s)

CUDA Toolkit Windows All versions up to CUDA Toolkit 12.8

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5594

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 25, 2025
Vulnerability Reserved
Nov 22, 2024