CVE-2023-0196

CWE-476NULL Pointer DereferenceCWE-362Race Condition6 documents6 sources
Severity
3.3LOW
EPSS
0.1%
top 83.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nvidia Cuda ToolkitNvidia Nvidia Cuda Toolkit
Timeline
PublishedMar 2
Latest updateMay 12

Description

NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local user running the tool against an ill-formed binary may cause a null- pointer dereference, which may result in a limited denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:LExploitability: 1.8 | Impact: 1.4

Affected Packages3 packages

Debiannvidia-cuda-toolkit< 12.1.0-2+1
CVEListV5nvidia/nvidia_cuda_toolkitAll versions prior to 12.1

Patches

Patch: nvidia.custhelp.comPatch: nvidia.custhelp.com

🔴Vulnerability Details

3
CVEList
CVE-2023-0196: NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local user running the tool against an ill-formed binary may cause a null- pointer derefe2023-03-02
OSV
CVE-2023-0196: NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local user running the tool against an ill-formed binary may cause a null- pointer derefe2023-03-02
GHSA
GHSA-x53c-r2wv-4p59: NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local user running the tool against an ill-formed binary may cause a null- pointer derefe2023-03-02

📋Vendor Advisories

2
CISA
Linux Kernel Race Condition Vulnerability2023-05-12
Debian
CVE-2023-0196: nvidia-cuda-toolkit - NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local user running ...2023
CVE-2023-0196 (LOW CVSS 3.3) | NVIDIA CUDA Toolkit SDK contains a | cvebase.io