First published: Fri Nov 18 2022(Updated: )
NVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnerability in cuobjdump, where an unprivileged remote attacker could exploit this buffer overflow condition by persuading a local user to download a specially crafted corrupted file and execute cuobjdump against it locally, which may lead to a limited denial of service and some loss of data integrity for the local user.
Credit: psirt@nvidia.com
Affected Software | Affected Version | How to fix |
---|---|---|
NVIDIA CUDA Toolkit | <11.8 | |
Linux Linux kernel | ||
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this NVIDIA CUDA Toolkit SDK vulnerability is CVE-2022-34667.
The affected software for this vulnerability is NVIDIA CUDA Toolkit.
The severity of vulnerability CVE-2022-34667 is medium with a severity value of 4.4.
This vulnerability can be exploited by persuading a local user to download a specially crafted corrupted file and execute cuobjdump against it locally.
No, the Linux kernel is not affected by this vulnerability.