CVE-2024-0102

CWE-125Out-of-bounds Read5 documents5 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 86.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nvidia Cuda ToolkitNvidia Nvidia Cuda Toolkit
Timeline
PublishedAug 8

Description

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:LExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

NVDnvidia/cuda_toolkit< 12.6.0
CVEListV5nvidia/nvidia_cuda_toolkitAll versions up to and including CUDA Toolkit 12.5U1

🔴Vulnerability Details

3
CVEList
CVE-2024-0102: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a use2024-08-08
GHSA
GHSA-pqx2-f9cx-8825: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a use2024-08-08
OSV
CVE-2024-0102: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a use2024-08-08

📋Vendor Advisories

1
Debian
CVE-2024-0102: nvidia-cuda-toolkit - NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, wher...2024
CVE-2024-0102 (MEDIUM CVSS 5.5) | NVIDIA CUDA Toolkit for all platfor | cvebase.io