Out-of-bounds Read in NVIDIA CUDA Toolkit's nvdisasm Binary
CVE-2024-53876

3.3LOW

Key Information:

Vendor
Nvidia
Status
Cuda Toolkit
Vendor
CVE Published:
25 February 2025

Summary

A vulnerability exists in the NVIDIA CUDA toolkit, specifically in the nvdisasm binary. By providing a malformed ELF file to nvdisasm, a user can trigger an out-of-bounds read, potentially leading to unpredictable behavior and a partial denial of service. Users utilizing the affected CUDA Toolkit versions should be aware of this risk and take necessary precautions to mitigate any potential exploitation.

Affected Version(s)

CUDA Toolkit Windows All versions up to CUDA Toolkit 12.8

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5594

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.