cbcvebase.
CVE-2022-34667
published 2022-11-19

CVE-2022-34667: NVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnerability in cuobjdump, where an unprivileged remote attacker could exploit this buffer…

medium4.4CVSS 3.1
AVLACLPRNUIRSUCNILAL
NVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnerability in cuobjdump, where an unprivileged remote attacker could exploit this buffer overflow condition by persuading a local user to download a specially crafted corrupted file and execute cuobjdump against it locally, which may lead to a limited denial of service and some loss of data integrity for the local user.

Affected

3 ranges
VendorProductVersion rangeFixed in
debiannvidia-cuda-toolkit< nvidia-cuda-toolkit 11.8.0-2 (bookworm)nvidia-cuda-toolkit 11.8.0-2 (bookworm)
nvidiacuda_toolkit< 11.811.8
nvidianvidia_cuda_toolkit

CVSS provenance

nvdv3.14.4MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
osv4.4MEDIUM