Denial of Service Vulnerability in NVIDIA CUDA Toolkit for Linux and Windows
CVE-2024-53879

2.8LOW

Key Information:

Vendor: Nvidia
Status: Cuda Toolkit
Vendor: CVE Published:; 25 February 2025

Summary

The NVIDIA CUDA toolkit for both Linux and Windows contains a vulnerability in the cuobjdump binary that allows an attacker to cause the application to crash by supplying a malformed ELF file. This issue could potentially lead to a situation where users experience a partial denial of service, affecting the availability of the application.

Affected Version(s)

CUDA Toolkit Windows All versions up to CUDA Toolkit 12.8

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5594

CVSS V3.1

Score:

2.8

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 25, 2025
Vulnerability Reserved
Nov 22, 2024