Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-0111

Опубликовано: 31 авг. 2024
Источник: redhat
CVSS3: 4.4
EPSS Низкий

Описание

NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.

A flaw was found in the NVIDIA CUDA Toolkit. Affected versions of this package contain a vulnerability in the 'cuobjdump' command where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
OpenShift Lightspeedopenshift-lightspeed-beta/lightspeed-service-api-rhel9Affected
Red Hat Enterprise Linux AI (RHEL AI)rhelai1/bootc-nvidia-rhel9Will not fix
Red Hat Enterprise Linux AI (RHEL AI)rhelai1/instructlab-nvidia-rhel9Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-1284
https://bugzilla.redhat.com/show_bug.cgi?id=2308800NVIDIA CUDA Toolkit: Denial of service in NVIDIA CUDA

EPSS

Процентиль: 21%
0.00067
Низкий

4.4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-0111

CVSS3: 4.4
ubuntu
больше 1 года назад

NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.

nvd логотип

CVE-2024-0111

CVSS3: 4.4
nvd
больше 1 года назад

NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.

debian логотип

CVE-2024-0111

CVSS3: 4.4
debian
больше 1 года назад

NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' wh ...

github логотип

GHSA-qccm-7jq2-92v7

CVSS3: 4.4
github
больше 1 года назад

NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.

fstec логотип

BDU:2025-13648

CVSS3: 4.4
fstec
больше 1 года назад

Уязвимость утилиты cuobjdump программного средства для параллельных вычислений на графических процессорах NVIDIA CUDA Toolkit, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 21%
0.00067
Низкий

4.4 Medium

CVSS3