Lucene search

[email protected]NVD:CVE-2024-0109

HistoryAug 31, 2024 - 9:15 a.m.

CVE-2024-0109

2024-08-3109:15:05

CWE-125

[email protected]

web.nvd.nist.gov

nvidia cuda toolkit

cuobjdump

denial of service

out of bounds read

vulnerability

exploit

elf file

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

EPSS

Percentile

13.5%

JSON

NVIDIA CUDA Toolkit contains a vulnerability in command cuobjdump where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which could lead to a limited denial of service.

Affected configurations

Nvd

Node

nvidiacuda_toolkitRange≤12.6.0

VendorProductVersionCPE
nvidiacuda_toolkit*cpe:2.3:a:nvidia:cuda_toolkit:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nvidia	cuda_toolkit	*	cpe:2.3:a:nvidia:cuda_toolkit::::::::

References

nvidia.custhelp.com/app/answers/detail/a_id/5564

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

EPSS

Percentile

13.5%

JSON

Related for NVD:CVE-2024-0109

cvelist1 vulnrichment1 osv1 debiancve1 redhatcve1 cve1 nessus1 nvidia1