CVE-2024-0102

2024-08-0817:15:18

CWE-125

nvidia

web.nvd.nist.gov

nvidia

cuda toolkit

vulnerability

nvdisasm

denial of service

out-of-bounds read

elf file

exploit

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

AI Score

6.6

Confidence

High

EPSS

Percentile

9.5%

JSON

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows",
      "Linux"
    ],
    "product": "NVIDIA CUDA Toolkit",
    "vendor": "NVIDIA",
    "versions": [
      {
        "status": "affected",
        "version": "All versions up to and including CUDA Toolkit 12.5U1"
      }
    ]
  }
]