CVE-2024-0125NULL Pointer Dereference in Nvidia Cuda Toolkit

CWE-476NULL Pointer Dereference6 documents6 sources
Severity
3.3LOWNVD
EPSS
0.0%
top 86.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Nvidia Cuda Toolkit
Timeline
PublishedOct 3

Description

NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:LExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

NVDnvidia/cuda_toolkit< 12.6.2
CVEListV5nvidia/cuda_toolkitAll versions up to and including CUDA Toolkit 12.6U1

🔴Vulnerability Details

3
CVEList
CVE-2024-0125: NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference2024-10-03
OSV
CVE-2024-0125: NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference2024-10-03
GHSA
GHSA-6jf3-p3mx-v587: NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference2024-10-03

📋Vendor Advisories

2
Red Hat
NVIDIA CUDA Toolkit: NULL pointer dereference via malformed ELF file2024-10-03
Debian
CVE-2024-0125: nvidia-cuda-toolkit - NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisa...2024
CVE-2024-0125 — NULL Pointer Dereference in Nvidia | cvebase