First published: Sat Apr 22 2023(Updated: )
NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds read by tricking a user into running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure.
Credit: psirt@nvidia.com
Affected Software | Affected Version | How to fix |
---|---|---|
NVIDIA CUDA Toolkit | <12.0.1 | |
Linux Linux kernel | ||
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this NVIDIA CUDA toolkit vulnerability is CVE-2023-25513.
The affected software for this vulnerability is NVIDIA CUDA toolkit for Linux and Windows.
The severity of CVE-2023-25513 is medium with a severity value of 6.6.
An attacker can exploit CVE-2023-25513 by tricking a user into running cuobjdump on a malformed input file, which may cause an out-of-bounds read and lead to limited denial of service, code execution, or other consequences.
No, the Linux Linux kernel and Microsoft Windows are not affected by this vulnerability.
You can find more information about this vulnerability at the following link: https://nvidia.custhelp.com/app/answers/detail/a_id/5456
The Common Weakness Enumeration (CWE) ID for this vulnerability is 125.