CVE-2011-0636Sensitive Information Exposure in Nvidia Cuda Toolkit

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
2.1LOWNVD
EPSS
0.1%
top 81.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Nvidia Cuda Toolkit
Timeline
PublishedJan 22
Latest updateMay 14

Description

The (1) cudaHostAlloc and (2) cuMemHostAlloc functions in the NVIDIA CUDA Toolkit 3.2 developer drivers for Linux 260.19.26, and possibly other versions, do not initialize pinned memory, which allows local users to read potentially sensitive memory, such as file fragments during read or write operations.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-jh56-j7wq-5q62: The (1) cudaHostAlloc and (2) cuMemHostAlloc functions in the NVIDIA CUDA Toolkit 32022-05-14
CVEList
CVE-2011-0636: The (1) cudaHostAlloc and (2) cuMemHostAlloc functions in the NVIDIA CUDA Toolkit 32011-01-22
CVE-2011-0636 — Sensitive Information Exposure | cvebase