CVE-2023-25510

Public on 2023-04-22
Modified on 2024-06-15
Description
NVIDIA CUDA Toolkit SDK for Linux and Windows contains a NULL pointer dereference in cuobjdump, where a local user running the tool against a malformed binary may cause a limited denial of service.
Severity
Low severity
Low
CVSS v3 Base Score
3.3
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 1 cuda Pending Fix
Amazon Linux 2 - Graphics Extra cuda Pending Fix

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
NVD CVSSv3 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L