Nvidia Cuda Toolkit vulnerabilities

CVE-2025-23339 [LOW] CWE-121 CVE-2025-23339: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in cuobjdump where an attacker may ca NVIDIA CUDA Toolkit for all platforms contains a vulnerability in cuobjdump where an attacker may cause a stack-based buffer overflow by getting the user to run cuobjdump on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at the privilege level of the user running cuobjdump.

CVE-2025-23275 [MEDIUM] CWE-787 CVE-2025-23275: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a GPU out-of-bounds write by providing certain image dimensions. A successful exploit of this vulnerability may lead to denial of service and information disclosure.

CVE-2025-23308 [LOW] CWE-122 CVE-2025-23308: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where an attacker may cau NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where an attacker may cause a heap-based buffer overflow by getting the user to run nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at the privilege level of the user running nvdisasm.

CVE-2025-23274 [MEDIUM] CWE-125 CVE-2025-23274: NVIDIA nvJPEG contains a vulnerability in jpeg encoding where a user may cause an out-of-bounds read NVIDIA nvJPEG contains a vulnerability in jpeg encoding where a user may cause an out-of-bounds read by providing a maliciously crafted input image with dimensions that cause integer overflows in array index calculations. A successful exploit of this vulnerability may lead to denial of service.

CVE-2025-23273 [LOW] CWE-369 CVE-2025-23273: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitting a specially crafted JPEG file. A successful exploit of this vulnerability may lead to denial of service.

CVE-2025-23338 [LOW] CWE-129 CVE-2025-23338: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an out-of-bounds write by running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.

CVE-2025-23272 [MEDIUM] CWE-125 CVE-2025-23272: NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to information disclosure or denial of service.

CVE-2025-23346 [LOW] CWE-476 CVE-2025-23346: NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an unprivileged user can cause a NU NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an unprivileged user can cause a NULL pointer dereference. A successful exploit of this vulnerability may lead to a limited denial of service.

CVE-2025-23248 [LOW] CWE-125 CVE-2025-23248: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user m NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service.

CVE-2025-23271 [LOW] CWE-125 CVE-2025-23271: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user m NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service.

CVE-2025-23255 [LOW] CWE-125 CVE-2025-23255: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary where a user NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary where a user may cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability may lead to a partial denial of service.

CVE-2025-23340 [LOW] CWE-125 CVE-2025-23340: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user m NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service.

CVE-2025-23247 [MEDIUM] CWE-130 CVE-2025-23247: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a fail NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this vulnerability might lead to arbitrary code execution.

CVE-2024-0109 [LOW] CWE-125 CVE-2024-0109: NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash b NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which could lead to a limited denial of service.

CVE-2024-0102 [LOW] CWE-125 CVE-2024-0102: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can ca NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.

CVE-2024-0076 [LOW] CWE-125 CVE-2024-0076: NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an a NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.

CVE-2024-0072 [LOW] CWE-476 CVE-2024-0072: NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an a NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.

CVE-2023-25512 [MEDIUM] CWE-125 CVE-2023-25512: NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker m NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds memory read by running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure.

CVE-2023-25513 [MEDIUM] CWE-125 CVE-2023-25513: NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker m NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds read by tricking a user into running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure.

CVE-2023-25514 [MEDIUM] CWE-125 CVE-2023-25514: NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker m NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds read by tricking a user into running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure.