Lucene search

K

NVIDIA CUDA Toolkit < 12.2 DoS

NVIDIA CUDA Toolkit < 12.2 DoS. NVIDIA CUDA Toolkit affected by denial of service vulnerability due to NULL pointer deference in the nvdiasm binary file when parsing malformed ELF file

Show more
Related
Refs
Code
ReporterTitlePublishedViews
Family
UbuntuCve
CVE-2023-25523
4 Jul 202300:00
ubuntucve
OSV
CVE-2023-25523
4 Jul 202300:15
osv
Prion
Null pointer dereference
4 Jul 202300:15
prion
NVD
CVE-2023-25523
4 Jul 202300:15
nvd
Vulnrichment
CVE-2023-25523
3 Jul 202323:27
vulnrichment
Cvelist
CVE-2023-25523
3 Jul 202323:27
cvelist
Nvidia
Security Bulletin: NVIDIA CUDA Toolkit - June 2023
29 Jun 202300:00
nvidia
Debian CVE
CVE-2023-25523
4 Jul 202300:15
debiancve
CVE
CVE-2023-25523
4 Jul 202300:15
cve
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(178015);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/11");

  script_cve_id("CVE-2023-25523");
  script_xref(name:"IAVB", value:"2023-B-0047-S");

  script_name(english:"NVIDIA CUDA Toolkit < 12.2 DoS");

  script_set_attribute(attribute:"synopsis", value:
"The version of NVIDIA CUDA Toolkit installed on the remote host is affected by a denial of service vulnerability.");
  script_set_attribute(attribute:"description", value:
"The version of NVIDIA CUDA Toolkit installed on the remote host is prior to 12.2. It is, therefore affected by a
denial of service vulnerability due to a NULL pointer deference in the nvdiasm binary file when parsing a malformed
ELF file.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://nvidia.custhelp.com/app/answers/detail/a_id/5469");
  script_set_attribute(attribute:"solution", value:
"Upgrade to NVIDIA CUDA Toolkit 12.2 or later.");
  script_set_attribute(attribute:"agent", value:"windows");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-25523");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/06/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/06/29");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/07/06");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:nvidia:cuda_toolkit");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("nvidia_cuda_toolkit_win_installed.nbin");
  script_require_keys("installed_sw/NVIDIA CUDA Toolkit");

  exit(0);
}

include('vcf.inc');

var app_info = vcf::get_app_info(app:'NVIDIA CUDA Toolkit');

var constraints = [
  { 'fixed_version' : '12.2' }
];

vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_NOTE);

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
06 Jul 2023 00:00Current
4Medium risk
Vulners AI Score4
CVSS33.3
EPSS0.001
SSVC
19
.json
Report