Denial of Service Risk in NVIDIA CUDA Toolkit due to Malformed ELF Files
CVE-2024-53878

2.8LOW

Key Information:

Vendor: Nvidia
Status: Cuda Toolkit
Vendor: CVE Published:; 25 February 2025

Summary

The NVIDIA CUDA Toolkit for both Linux and Windows contains a vulnerability within the cuobjdump binary. This issue arises when a user supplies a malformed ELF file to cuobjdump, which can lead to a crash. If exploited, this vulnerability could result in a partial denial of service, impacting system performance and availability.

Affected Version(s)

CUDA Toolkit Windows All versions up to CUDA Toolkit 12.8

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5594

CVSS V3.1

Score:

2.8

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 25, 2025
Vulnerability Reserved
Nov 22, 2024