NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Mon, 16 Sep 2024 20:00:00 +0000

Type Values Removed Values Added
First Time appeared Linux
Linux linux Kernel
Microsoft
Microsoft windows
Nvidia
Nvidia cuda Toolkit
CPEs cpe:2.3:a:nvidia:cuda_toolkit:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
Microsoft
Microsoft windows
Nvidia
Nvidia cuda Toolkit

Thu, 08 Aug 2024 19:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 08 Aug 2024 16:30:00 +0000

Type Values Removed Values Added
Description NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.
Weaknesses CWE-125
References
Metrics cvssV3_1

{'score': 3.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: nvidia

Published:

Updated: 2024-08-08T18:13:14.960Z

Reserved: 2023-12-02T00:42:11.461Z

Link: CVE-2024-0102

cve-icon Vulnrichment

Updated: 2024-08-08T18:13:08.171Z

cve-icon NVD

Status : Analyzed

Published: 2024-08-08T17:15:18.013

Modified: 2024-09-16T19:37:37.487

Link: CVE-2024-0102

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.