CVE-2023-25512
published 2023-04-22CVE-2023-25512: NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds memory read by running cuobjdump…
medium6.6CVSS 3.1
AVLACLPRNUIRSUCLIHAL
NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds memory read by running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nvidia-cuda-toolkit | < nvidia-cuda-toolkit 12.1.0-2 (forky) | nvidia-cuda-toolkit 12.1.0-2 (forky) |
| nvidia | cuda_toolkit | < 12.1.0 | 12.1.0 |
| nvidia | nvidia_cuda_toolkit | — | — |
CVSS provenance
nvdv3.16.6MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
osv6.6MEDIUM