CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
5.1%
nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local
users to overwrite arbitrary files via a symlink attack on the
/tmp/nvidia-cg-toolkit-manifest temporary file.
Author | Note |
---|---|
jdstrand | per Debian, code can be run via postinst, but requires special circumstances |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | nvidia-cg-toolkit | < any | UNKNOWN |
ubuntu | 20.04 | noarch | nvidia-cg-toolkit | < any | UNKNOWN |
ubuntu | 22.04 | noarch | nvidia-cg-toolkit | < any | UNKNOWN |
ubuntu | 24.04 | noarch | nvidia-cg-toolkit | < any | UNKNOWN |
ubuntu | 16.04 | noarch | nvidia-cg-toolkit | < any | UNKNOWN |