CVE-2024-0123

Summary

NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.

Affected Software

VendorProductVersion RangeStatus
NVIDIACUDA ToolkitAll versions up to and including CUDA Toolkit 12.6U1affected

Weaknesses

  • CWE-1285: CWE-1285

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References