Buffer Overflow Vulnerability in NVIDIA CUDA Toolkit
CVE-2025-23247

4.4MEDIUM

Key Information:

Vendor

Nvidia

Vendor
CVE Published:
27 May 2025

What is CVE-2025-23247?

The NVIDIA CUDA Toolkit for all platforms includes a vulnerability in the cuobjdump binary, where insufficient validation of buffer lengths allows users to input malformed ELF files. This oversight can result in crashes of the tool or, in some cases, the execution of arbitrary code, potentially compromising system integrity.

Affected Version(s)

NVIDIA CUDA Toolkit Windows All versions up to CUDA Toolkit 12.9

References

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-23247 : Buffer Overflow Vulnerability in NVIDIA CUDA Toolkit